Information security incident probability calculation model based on Poisson distribution

DOI：10.7511/dllgxb201603010

 作者 单位 宋明秋,郝岩

从信息安全事件的概率分布规律出发，根据泊松分布的基本特征，通过数学证明了信息安全事件发生频数服从泊松分布，并采用国家互联网应急中心(CNCERT/CC)统计数据验证了这一理论结果．在此基础上，基于贝叶斯定理，建立了泊松分布下的信息安全事件概率计算模型．根据泊松分布的概率质量函数，计算了信息安全事件发生频数的先验概率分布；通过构建似然函数调整先验概率分布，得到信息安全事件发生频数后验概率分布；最后，采用CNCERT/CC统计数据验证了该模型的可行性和有效性．

From the possibility distribution rules of information security incidents and according to the basic characteristics of Poisson distribution the frequency of information security incidents is proved mathematically to obey Poisson distribution .The verification is done by using the statistical data of National Internet Emergency Center (CNCERT/CC). On this basis, an information security incidents probability calculation model with Poisson distribution is established based on the Bayes theorem. Then, taking advantage of the probability mass function, the prior probability distribution of information security incidents is calculated, and a likelihood function is modeled to adjust the prior probability distribution, and the posterior probability distribution of the frequency of information security incidents is got. Finally, the statistical data of CNCERT/CC demonstrate the feasibility and effectiveness of the model.