Applied Mechanics and Materials Submitted: 2014-08-05 ISSN: 1662-7482, Vols. 651-653, pp 1953-1957 Accepted: 2014-08-06 doi:10.4028/www.scientific.net/amm.651-653.1953 Online: 2014-09-30 2014 Trans Tech Publications, Switzerland Study on the Quantitative Vulnerability Model of Information System based on Mathematical Modeling Techniques Yunzhi Li School of Management and Economics, Beiing Institute of Technology, Beiing, 100081, China Keywords: Information system; Vulnerability; Partial differential equation; Quantitative criteria; Mathematical modeling; VB programming Abstract. The idea of mathematical modeling is used to establish the quantitative model of information system vulnerability assessment, and the model is solved by using the partial differential method. The algorithm is realized by using VB programming, and it obtains the quantitative solution of information system vulnerability. Quantitative assessment of information system security and risk is the difficulty of system vulnerability assessment, and it establishes the risk model of system by means of mathematics modeling idea. The risk model is divided into the actual risk and the potential risk. The paper uses VB programming software, and establishes a quantitative model of information system evaluation by combining with partial differential method, and the algorithm is carried out the eperimental verification by using the method of numerical simulation. Through the calculation, the mathematical modeling ideas can effectively obtain the vulnerability quantitative standard and the risk level of information system, which provides the technical reference for the research of information system security evaluation method. Introduction With the rapid development of the computer network in our country, the main business of more and more fields can t do without a computer, and all depends on the implementation of information system. However, with the security risks being more and more, the security of the applied system is getting more and more attention, so the system we used must go through the security risk assessment. The vulnerability assessment of information system is divided into the qualitative evaluation and the quantitative evaluation, where the quantitative evaluation is the difficulty of information vulnerability assessment [1,2]. With the idea of mathematical modeling, the quantitative criteria of the actual risk and the potential risk is used to build the model for information system vulnerability, and the use of VB software has successfully achieved the algorithm. Application of the Idea of the Mathematical Modeling in the Vulnerability Assessment of Information System The general risk calculation model has four aspects of factors, including risks, threats, vulnerabilities and assets. While information system, as a special risk system, mainly eists the actual risk and the potential risk [3]. Due to the two kinds of the risks have many influence factors, and it should establish mathematical models to get the quantitative criteria [4]. And it obtains the risk evaluation model through the degree of threat and the probability of security incidents occurred, as shown in Figure 1. Figure 1 shows the designed model of information system risk assessment. The hazard identification and the vulnerability assessment are used to carry on the quantitative evaluation on the security of system. Finally, the vulnerability inde of comprehensive evaluation is obtained by using the algorithm procedures. And the safety risk of the system is calculated according to the vulnerability evaluation standard. All rights reserved. No part of contents of this paper may be reproduced or transmitted in any form or by any means without the written permission of Trans Tech Publications, www.ttp.net. (ID: 130.203.136.75, Pennsylvania State University, University Park, USA-08/05/16,20:30:23)
1954 Material Science, Civil Engineering and Architecture Science, Mechanical Engineering and Manufacturing Technology II Fig. 1 The calculation model of risk Design of the Mathematical Model and the Algorithm of the Quantitative Assessment of Information System Vulnerability In the process of the quantitative vulnerability assessment of information system, it can refer to the general risk assessment calculation model, which can conveniently realize the quantitative vulnerability of information system [5,6]. In the general risk assessment model, the calculation principle of value at risk is as shown in formula (1). F = Y ( A, W, V ) = Y ( L( W, V ), F( I a, Va )). (1) Where Y represents the security risk function model of quantitative assessment system. A represents the security authentication system of information system. W represents the potential risk. V a and L represent the vulnerability of information system and the probability of security events occurred. In order to accurately quantify the vulnerability of information system, risk quantification can be written as the potential risk and the actual risk. It is as shown in formula (2). u i = ui + u i. (2) The security defense and vulnerability of the system itself are as shown in formula (3). φ = φ + φ. (3) The formula (1) and (2) are put into the continuous partial differential equations, and then it can get the differential equations as shown in formula (4). Dui φ u u i u l 2 ρ = + µ + δ i + ( ρu iu ). Dt i i 3 l (4) For the quantification of information system, it is mainly to solve the, and the specific formula of solution is as shown in the formula (5). Generally, it uses the method of Boussinesq hypothesis that the mean velocity gradient and the Reynolds stress are approimate as shown. u u i ui ρ uiu µ 2 = t + ( ρk + µ t ) δ i. (5) i 3 i Where it represents the risk parameters and the total energy quantitative equation of information system is as shown in formula (6). c pµ t T ( ρ E) + [ ui ( ρe + p)] = k + u i eff + S h t i + i t ( τ ). (6) Pr i Where (τ represents the quantitative standard. The standard can evaluate the level of the ) i eff safety risks for information system [7]. The program algorithm of security risk assessment is designed by using VB software. And the mainly used program is as follows. #include <stdio.h> void main() u i
Applied Mechanics and Materials Vols. 651-653 1955 {int t=1,i=2; do {t=t*i;i++;} while (i<=5); printf("%d\n",t); } #include <stdio.h> void main() {int sum=0; scanf("%d",&i); while (i<=10) {sum=sum+i; i++;} printf("%d\n",sum);}... Eperimental Research on the Mathematical Modeling of Quantitative Vulnerability Assessment for Information System In order to validate the validity and reliability of the mathematical model and algorithm of the quantitative vulnerability of information system designed in the second section, VB programming software is used to design the mathematical model of quantitative vulnerability of information system [8,9]. The used VB program interface is shown in Figure 2. Figure 2 shows the open interface of VB6.0. VB has used the GUI system. GUI system can simply establish the application program, and also can develop quite complicated program, which is a combination of visual components based on the form. VB6.0 has a good compatibility with other softwares. Fig. 2 The interface of VB6.0 professional version Fig. 3 Calculation of the convergence curve Figure 3 shows the convergence curve through the calculation. It can be seen from the chart that when the iteration calculation is at the third step, it can have a stable converge, and it indicates that the algorithm of information system vulnerability assessment has a very good convergence, and the convergence speed of the algorithm is higher. Figure 4 shows a three-dimensional calculation curves of vulnerability assessment. It can be seen from the chart that the fusion of the vulnerability curves and the standard quantitative curve is better, which shows that this system doesn t eist great risk in the quantitative assessment of system, at the same time it is consistent with the safety standard. Table 1 Quantification table of information system vulnerability Vulnerability quantification Quantitative criteria Quantification results 1 10 8 2 10 11 3 10 15
1956 Material Science, Civil Engineering and Architecture Science, Mechanical Engineering and Manufacturing Technology II Fig. 4 3D calculation curves of vulnerability assessment Table 1 shows the quantitative results of information system vulnerability. It can be seen from the table that the use of the idea of mathematical modeling can effectively quantify the vulnerability of information system, and it can determine the level of information system vulnerability according to the quantitative standard [10,11]. According to the different levels, it can use different colors to label the quantitative results. Fig. 5 3D visualization of vulnerability evaluation Figure 5 shows the visualization results of the quantitative vulnerability of information system. It can be seen that it obtains the corresponding quantitative value of each risk evaluation, and it sets a quantitative standard line [12]. When it is larger than the standard line, the color will gradually appear to be red, which can have eye-catching tips for the operator, so as to have a good realization of the visualization of information evaluation. Summary With the use of the mathematical modeling principle of partial differential equations, the paper designed the quantitative vulnerability mathematical model of information system. The quantitative model included the quantification of the actual risk assessment and the potential risk assessment. The program algorithm of the model was implemented by using VB programming software. In order to verify the validity and reliability of the evaluation method, the information system was carried on the quantitative assessment analysis by using VB software. Through the calculation, it got the calculated residual convergence curve of the algorithm. It could be seen from the convergence results, the residual of the algorithm was smaller, then the accuracy was higher, and the speed of convergence was fast. Through the quantitative assessment of information system vulnerability, it managed to get the risk quantitative standards and the level of vulnerability eisting in the system, which provided technical support for the application of the idea of mathematical modeling in information system. In this paper we establish the cluster algorithm mathematical model of image processing, and introduce it into motion capture of consecutive frame, and use MATLAB programming to realize the function. In this paper, we introduce the X-ray photography technology into motion capture in track and field sports, and use the cluster algorithm to capture the motion continuously, and design using
Applied Mechanics and Materials Vols. 651-653 1957 the clustering algorithm of image capture and image processing. We use the MATLAB to test the image effect captured by X-ray photography. Through calculation we find that image enhancement effect is obvious, and it reduces the error of motion capture. It provides a new method for computer image processing in track and field. References [1] Bo Jin, Jiaun Liu. Review on the intrusion detection technology [J]. Journal of East China University of Science and Technology, 2010(1): 45-46. [2] Jianchun Jiang, Hengtai Ma. A survey of intrusion detection research on network security[j]. Journal of software, 2010(3): 12-13. [3] Manun Lin, Hualin Qian. Intrusion detection system: principle, intrusion hiding and countermeasures [J]. Microelectronics & computer, 2012(1):23-25. [4] Yuanfang Pu, Wei Zhang, Shaohua Teng, Hongle Du. A cooperative network intrusion detection based on decision tree [J]. Journal of Jiangi Normal University: Natural Science Edition, 2010, 34 (3): 302-307. [6] Houqing Lu, Feng Wang, Yisheng Song, et al. Targets damage assessment system based on compaign simulation [J]. Journal of PLA University of Science and Technology: Natural Science Edition, 2011, 10 (2): 139-143. [7] Di Wu, Xiaogang Zhao, Fengian Zhu. Simulation study and realization of UAV Ad Hoc network in reencounter scenario [J]. Journal of system simulation, 2011, 20 (23): 6409-6413. [8] Zhigao Luo, Binbin Fan, Xiaodong Guo, Xiang Wang, Ju Li. Analysis of the three-dimensional melting flow in inection cavity based on the wavelet finite element [J]. China mechanical engineering, 2010, 20 (10): 1244-1247. [9] Xing Zhang, Changiang Shen. A new kind of control module design scheme of the trusted platform [J]. Geomatics and information science of Wuhan University, 2011, 33 (10): 1011-1014. [10] Wei Wang, Neng Gao, Lina Jiang. Security demands analysis of cloud computing [J]. Information network security, 2012(30): 67-68. [11] Huimo Wang, Yu Zhang. Research on the situation data model in oint operations simulation [J]. Acta Simulate Systematical Sinica, 2011, 20 (15): 4186-4188. [12] Jun Liu, Zhe Li, Lei Yue. Design and implementation of the self- organization network simulation platform [J]. Computer science, 2011, 35 (1): 24-26, 30.
Material Science, Civil Engineering and Architecture Science, Mechanical Engineering and Manufacturing Technology II 10.4028/www.scientific.net/AMM.651-653 Study on the Quantitative Vulnerability Model of Information System Based on Mathematical Modeling Techniques 10.4028/www.scientific.net/AMM.651-653.1953