A Fuzzy Cyber-Risk Analysis Model for Assessing Attacks on the Availability and Integrity of the Military Command and Control Systems

Literature Review

Several methods have been proposed in the literature to deal with imperfect data. Imperfect data can be characterized as being imprecise or uncertain. Other types of imperfect data such as vague or ambiguous data can be considered a special form of imprecision or uncertainty (Smets, 1997). Bayesian theory is often used to deal with both imprecision and uncertainty (Fienberg, 2006; Howson & Urbach, 1993; Jaynes, 2003). The theory of evidence is also used to deal with data that contains both imprecision and uncertainty at the same time (Shafer, 1976; Dempster, 1967). However, rough sets theory is used to handle imprecision when uncertainty is involved but cannot be quantified (Pawlak, 1991). The theory of possibility is used to handle incomplete data, which is a combination of imprecise and uncertain data (Zadeh, 1978). In contrast with these theories that can only handle one type of imperfection, random sets and the conditional event algebra can handle all types of imperfect data (Goodman et al., 1997). We use fuzzy values in our model to represent vagueness and ambiguity. Fuzzy logic enables computation in the face of vagueness and ambiguity, generating approximate results (Nedjah & Mourelle, 2005). While uncertainty represents the state of knowledge about a piece of data, imprecision is the characteristic of the data that cannot be expressed with a single value. The theory of fuzzy sets has been proposed by Zadeh (1965) to deal with vague data which is a particular form of both imprecise and uncertain data. Fuzzy sets have been used to account for the vague data in various work flow management systems (Lin et al., 2007; Tsai & Wang, 2008). The membership function of a fuzzy set defines the mapping of inputs to the degree or strength of membership, ranging from 0 to 1. The shape of this membership function can vary, as any function whose image is between 0 and 1 is a possible membership function. The most common forms of these functions are those represented by straight lines, such as triangular and trapezoidal member functions. In the proposed method, trapezoidal fuzzy numbers are used to capture and convert the fuzzy imprecise and uncertain information. Among the various types of fuzzy numbers, trapezoidal fuzzy numbers are used most often for characterizing linguistic information in practical applications (Klir & Yuan 1995, Yeh & Deng 2004). The common use of trapezoidal fuzzy numbers is mainly attributed to their simplicity in both concept and computation.