TY - GEN
T1 - Multi-Metric Fusion Based Quantitative Analysis Method for Comprehensive Cyber Resilience
AU - Han, Gangtao
AU - Xiong, Fengpeng
AU - Tang, Zhiqing
AU - Pan, Gaofeng
AU - Du, Changhao
AU - Zhang, Dalong
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - The growing complexity of cybersecurity systems and the escalating severity of security threats have rendered the concept of traditional absolute security impractical. As an alternative paradigm, cyber resilience has emerged as a critical issue which focus on ensuring business continuity and system availability. At the meantime, researches on quantitative evaluation of cyber resilience also attract worldwide attention. This paper proposes a quantitative multi-metric fusion method for comprehensive cyber resilience evaluation, which integrates multiple key performance metrics to provide a comprehensive evaluation. Specifically, multiple metrics are measured separately under various perturbations, and then the entropy weight method is used to determine the weight of each metric. Additionally, a revised 2-additive fuzzy measures method is proposed to figure out the interactions among different metrics. The resilience value of each metric is quantified by the area under the curve (AUC) method. Finally, fuzzy integration is applied to synthesize these values into a comprehensive cyber resilience score. The proposed method is executed on a Web server system to analyze its comprehensive cyber resilience across distinct perturbation scenarios. Experimental results demonstrate that the proposed method not only accurately captures the comprehensive cyber resilience across several individual dimensions, but also effectively reveals the complex effects of multi-dimensional interactions on the comprehensive cyber resilience.
AB - The growing complexity of cybersecurity systems and the escalating severity of security threats have rendered the concept of traditional absolute security impractical. As an alternative paradigm, cyber resilience has emerged as a critical issue which focus on ensuring business continuity and system availability. At the meantime, researches on quantitative evaluation of cyber resilience also attract worldwide attention. This paper proposes a quantitative multi-metric fusion method for comprehensive cyber resilience evaluation, which integrates multiple key performance metrics to provide a comprehensive evaluation. Specifically, multiple metrics are measured separately under various perturbations, and then the entropy weight method is used to determine the weight of each metric. Additionally, a revised 2-additive fuzzy measures method is proposed to figure out the interactions among different metrics. The resilience value of each metric is quantified by the area under the curve (AUC) method. Finally, fuzzy integration is applied to synthesize these values into a comprehensive cyber resilience score. The proposed method is executed on a Web server system to analyze its comprehensive cyber resilience across distinct perturbation scenarios. Experimental results demonstrate that the proposed method not only accurately captures the comprehensive cyber resilience across several individual dimensions, but also effectively reveals the complex effects of multi-dimensional interactions on the comprehensive cyber resilience.
KW - cyber resilience
KW - cybersecurity
KW - multi-metric fusion
KW - quantitative analysis
UR - https://www.scopus.com/pages/publications/105037324633
U2 - 10.1109/CRESS68073.2025.11452569
DO - 10.1109/CRESS68073.2025.11452569
M3 - Conference contribution
AN - SCOPUS:105037324633
T3 - 2025 IEEE International Conference on Cyber Resilience and Endogenous Safety and Security, CRESS 2025
SP - 83
EP - 90
BT - 2025 IEEE International Conference on Cyber Resilience and Endogenous Safety and Security, CRESS 2025
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2025 IEEE International Conference on Cyber Resilience and Endogenous Safety and Security, CRESS 2025
Y2 - 27 November 2025 through 29 November 2025
ER -