Abstract :
The method based on index system is a typical quantitative method for information security risk assessment. But, because of the complexity of the safety-related factors, during the process of building its index system, it will inevitably produce some irrelevant and redundant indicators index, thereby resulting in the deviation of the assessment results. To solve this problem, this paper proposes a new analysis method named SGCAM (Sobol and Gray relational clustering Comprehensive Analysis Method) based on Sobol based global sensitivity analysis method and gray relational clustering analysis method. Using this method, we can cut irrelevant indicators, merge redundant indicators, and optimize the index system ultimately.
