Abstract

To address the problems of lack of training data and difficult to find optimal value in information security risk assessment, this paper applying a new information measure method and fuzzy clustering in information security risk assessment. The new method quantifies risk factors of all data and the dependence degree of safety with the mutual information computing. Then search optimal points in each degree of risk as original center points of K-means clustering algorithm, and use the K-means clustering algorithm for data classification. This method has less computation, and it can overcome the K-means’s shortcoming of sensitive to initial value and problem of  nonlinear and complexity of information security risk assessment. Experimental results show the effectiveness of our method