Alexandria Engineering Journal (2020) xxx, xxx–xxx

H O S T E D BY
Alexandria University

Alexandria Engineering Journal

www.elsevier.com/locate/aej
www.sciencedirect.com

Automatic cyber security risk assessment based

on fuzzy fractional ordinary differential equations
Zhongru Wang a,b, Lei Chen c,d,⁎, Shouyou Song b, Pei Xin Cong a, Qiang Ruan e

a
Key Laboratory of Trustworthy Distributed Computing and Service (BUPT), Ministry of Education, Beijing University of Posts
and Telecommunications, Beijing, China
b
Chinese Academy of Cyberspace Studies, Beijing, China
c
Center for Straegic Studies, Chinese Academy of Engineering, Beijing, China
d
National University of Defense Technology, Changsha, Hunan, China
e
Beijing DigApis Technology Co., Ltd, Beijing, China

Received 22 April 2020; revised 8 May 2020; accepted 10 May 2020

KEYWORDS Abstract Real-time network security risk detection is of great significance to the research of
Fuzzy fractional order ordi- dynamic network security, and it is one of the current research hotspots of network security. Based
nary differential equations; on the idea of artificial immune, a dynamic network intrusion detection and prediction model based
Immunity; on fuzzy fractional ordinary differential equations is proposed. The uniqueness of the solution is
Network security risk assess- studied in the square integrable equation space using the principle of compression operator, and
ment; then the second type of solution is proposed. The differential-type piecewise Taylor series expansion
Dynamic network intrusion method of the linear Fredholm integral equation is used to obtain the approximate solution expres-
detection; sions and perform convergence and error estimation. The process of network attack detection, anti-
Intrusion detection body concentration calculation method and risk prediction process based on time series
autoregressive moving average model are given. The experimental results show that the model
can quantitatively analyze the current security situation of the network in real time and make pre-
dictions about the risks faced by the network. The prediction effect of catastrophe network risk is
better than the GM (1, 1) model, and it is close to the actual risk situation, with high prediction
accuracy.
Ó 2020 Faculty of Engineering, Alexandria University. Production and hosting by Elsevier B.V. This is an
open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

1. Introduction

Network security has become a problem that people need to

face. At present, there are two main methods for network secu-
⁎ Corresponding author at: Center for Straegic Studies, Chinese rity detection: real-time monitoring and static evaluation. In the
Academy of Engineering, Beijing, China. static evaluation of the network, in many cases, different evalu-
E-mail address: cl@cae.cn (L. Chen). ation standards are used to evaluate it. [1] It is also possible to
Peer review under responsibility of Faculty of Engineering, Alexandria use network security experts to make necessary assessments of
University. network security in a timely manner. [2] Vulnerabilities and
https://doi.org/10.1016/j.aej.2020.05.014
1110-0168 Ó 2020 Faculty of Engineering, Alexandria University. Production and hosting by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
Please cite this article in press as: Z. Wang et al., Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations, Alexandria Eng.
J. (2020), https://doi.org/10.1016/j.aej.2020.05.014
2 Z. Wang et al.
network security can accurately analyze and evaluate problems
[3], but these evaluations need some static factors in the network
system as the basic conditions for the evaluation. For the most
part, static evaluation lacks the necessary real-time nature, so
it is better The method is network monitoring. The following
first analyzes the theoretical basis of the system, and then
explains the overall system design and subsystems to ensure
the security of the information network.
Fuzzy fractional calculus is an important branch of calcu-
lus. Considering general non-local boundary value conditions
in theoretical research and practical applications, it can more
accurately simulate actual physical processes. However, the
non-local boundary value problem is inherent in itself The dif-
ficulty of studying the existence of solutions to the three-point
boundary value problem of second-order nonlinear ordinary
differential equations has opened the prelude to the study of
non-local boundary value problems [4–6]. In recent years,
many experts and scholars have started on this basis Turn
attention to more general boundary value conditions, such as
singular boundary value conditions [7], boundary value condi-
tions on infinite intervals [8], integral boundary value condi-
tions [9], fractional order boundary value conditions [10],
and Non-linear boundary value conditions [11], etc., and have
obtained a series of profound and important research results.
People have continuously obtained inspiration from biological
systems, and proposed bionic computing methods, such as
artificial neural networks [12], genetic algorithms [12], DNA
computing [13], evolutionary computing [14,15], etc. The bio-
logical immune system is also a highly evolved biological sys-
tem, which aims to distinguish harmful external antigens
from its own tissues, thereby eliminating pathogens and main-
taining the stability of the organism [16,17]. At present, AIS
has developed into a brand new branch of computational intel-
ligence research [18–21]. Due to the amazing similarities
between computer security issues and problems encountered
by the biological immune system, both of which must maintain
system stability in a constantly changing environment, so com-
puter security has become the most widely used field of artifi-
cial immune systems One [22]. Methods based on information
fusion generally include several levels of target feature fusion,
situation assessment, and threat assessment. The higher-level
threat assessment is to infer or judge the degree of threat based
on the results of network security situation awareness. Refer-
ence [23] proposed a risk assessment framework based on
information fusion. Based on this, reference [24], etc. was mod-
ified and implemented. Literature [25] proposed a method of
network security risk assessment using Bayesian network to
fuse IDS detection information, but this method only roughly
evaluates the security risks faced by the system based on the
type of attack the target system is suffering. Literature [26]
proposed the use of Mamdani fuzzy neural network inference
algorithm for the final information fusion to obtain the current
system’s risk status. At present, due to the complexity, ambigu-
ity, and uncertainty of network information and its acquisition
methods, it is difficult to establish an effective network security
risk assessment model based on information fusion. The main
risk assessment methods proposed at present are all static
assessment methods. Only a static assessment of the long-
term risk status of the network can roughly and quantitatively
evaluate the network security risks in real-time under network
attacks. Therefore, when a large-scale network intrusion
occurs, it often leads to system crashes and causes huge disas-
Please cite this article in press as: Z. Wang et al., Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations, Alexandria Eng.
J. (2020), https://doi.org/10.1016/j.aej.2020.05.014
ters. Real-time cyber security risk assessment is of great signif-
icance to the research of dynamic cyber security theory, but
compared with the static cyber security risk assessment
research, the research results of real-time cyber security risk
assessment at home and abroad are few and are still in the
exploratory stage.
We proposed a real-time network security risk detection
method based on fuzzy fractional differential equation artifi-
cial immunity, and proposed a quantitative calculation model
of network security risk based on antibody concentration. This
model can quantitatively calculate the entire network and the
overall risk faced by the host and the risk of some kind of
attack; the generalized fuzzy fractional differential equation
buffing equation is equivalent to the second type of Hammer-
stein integral equation and the Green function under the three-
point boundary value condition, and the existence and unique-
ness of the solution And numerical methods.
2. Construction of fuzzy fractional ordinary differential
equations
Currently, the definitions of fuzzy fractional derivatives are
mainly Grunwald-letnikov-type fractional derivatives,
Riemann-Liouville-type fractional derivatives, Caputo-type
fractional derivatives, WeyL-type fractional derivatives, and
Resz-type fractional derivatives. Due to the general integral
It is difficult to give an analytical solution to an equation.
Except for special forms of integral equations such as degener-
ate kernels, which can give real solutions, we can only give
numerical solutions for general integral equations. Therefore,
more research on the solution of integral equations is to con-
struct Effective numerical methods have been studied in this
area, which has attracted many experts to study, and many
monographs on integral equations are covered. In addition,
some textbooks on numerical analysis also briefly introduce
the numerical solutions of integral equations. Among them,
the more classical numerical methods include finite difference
approximation, successive approximation, modified functional
solution, undetermined coefficient method, degenerate kernel
approximate replacement method, formulation method, Nys-
trom method, Galerkim approximation method, Taylor series
expansion method, etc.
Let’s first briefly introduce the Taylor series expansion
method. The general considerations are the following Fred-
holm integral equations of the second type:
Zb
uðxÞ þ Kðx; tÞuðtÞdt ¼ fðxÞ; x 2 ½a; b ð1Þ
a
Here K (x, t) and f (x) are known equations on a finite
closed interval [a, b]. They are unknown equations. The
essence of Taylor series expansion is to expand the equation
uðxÞ to a Taylor level at a point in the domain And then sub-
stituting it into the integral term in the equation, constructing
algebraic equations about the value of each point and its
derivative value by some methods, obtaining its value and its
derivative value, and further obtaining the approximate solu-
tion of uðxÞ for the integral equation, the Taylor series expan-
sion method is a simple and effective numerical method, but it
also notices that there are cases of slow convergence, and when
b-a > 1, it will bring large errors. On this basis, a piecewise
Automatic cyber security risk assessment 3

Taylor series expansion method of the second type of Fred- Consider the second type of Fredholm integral equation:
holm integral equations is proposed. The original Taylor series Z1
expansion method is only the case of m = 1 in this method. 1 1 1
uðxÞ  ðx þ 1Þext uðtÞdt ¼ ex  þ eðxþ1Þ ; x 2 ½0; 1
Finally, we will give the second type of Fredholm integral 2 2 2
0
equation, the error estimation of Taylor series expansion
method and the proof of convergence. ð7Þ
First, we choose a series of isometric nodes as follows: We choose the case of n = 4 for calculation. For the fuzzy
a ¼ x0  x1 ::::  xm ¼ bðm P 1Þ; fractional order differential segmentation proposed in this
ba chapter, Taylor series expansion method we choose n = 4,
xq ¼ a þ qh ðq ¼ 0; 1::mÞ; h¼ ð2Þ m = 2,4,8, for convenience we will pair the value m And n
m
are recorded as: (m, n) = (2, 4), (m, n) = (4, 4) and (m,
m1 Z
qþ1 n) = (4, 8), so the symbol (m, n) = (1,4) represents the result
X
uðxÞ þ Kðx; tÞuðtÞdt ¼ fðxÞ ð3Þ obtained by using Taylor series expansion method when
q¼0 n = 4. In addition, the symbol S (8, 0) represents the calcula-
q
tion result using the complex Simpson formula when m = 8
(that is, divided into 8 segments), as shown in Table 1.
t ¼ xq þ hr
Table 1 gives the results of the absolute errors of the real
m1 Z
t
X ð4Þ and numerical solutions of various methods. By comparing
uðxÞ þ h Kðx; xq þ hrÞuðxq þ hsÞds ¼ fðxÞ these data, we can see the feasibility of the numerical method
q¼0
0 proposed in this chapter. The numerical results are more
If the function uðxÞ is a polynomial of degree no greater effective.
than m, then the above formula without the Lagrange remain-
der is actually the expansion of the function uðxÞ.
3. Model and application of cyber security risk detection based
m1 Z
t
X Xn
uj ðxq Þ on immune
uðxÞ þ h Kðx; xq þ hsÞ½ ðhsÞj  ¼ fðxÞ ð5Þ
q¼0 j¼0
j!
0 The overall structure of this method is shown in Fig. 1. LCRS
Here i = 0,1, . . ., n, if x ¼ xp ðp ¼ 0; 1:::m  1Þ is obtained: is used to assess the local risk of each host in the network, as
shown in Fig. 1. Mature immune cells match a certain number
m1 X
X Zt
n
ujq h of non-self antigens in a certain life cycle and will be activated
uip þh KiS ðxp ; xq þ hsÞds ¼ fi ðxp Þ ð6Þ to evolve into memory immune cells, otherwise they will die
q¼0 j¼0
j!
0 due to age. Memory immune cells have an infinite life cycle.
It is important to point out here that if there is a finite num- When a new self is added to the system, those mature immune
ber of discontinuities in a certain derivative of the kernel func- cells and memory immune cells that are intolerant to the new
tion K (x, t), we can still use the differential piecewise Taylor self will die, thereby reducing the false positive value of the sys-
series expansion method for numerical solution. Next we will tem (judge the self as non-self). When a memory immune cell
give solutions the solution to the problem. Since we get many detects an invasion, its corresponding antibody concentration
similarities between the kernel function K (x, t) and the Green increases; when the invasion disappears, its corresponding
function G (x, t), and the Green function is not differentiable antibody concentration decreases to zero. Under normal cir-
when  = t, so here we use the kernel function K (x, t). cumstances, the antibody concentration of immune cells in
When  = t is not differentiable as an example to briefly LCRS is stable.
explain the solution, other discontinuities are similar.
From the above theorem, we can see that the differential 3.1. Security risk detection model based on fuzzy fractional
type Taylor series expansion method is convergent, that is, ordinary differential equation
as m or n increases, the approximate solution um;n ðxÞ con-
verges to the true solution uðxÞ. For the traditional Taylor ser- Risk prediction is based on current and historical network
ies expansion, there is a relational expression h = b-a. It can security information, and quantitatively predicts the state of
be seen from the error estimation formula that when b- network security in a certain period in the future. It provides
a > 1, a large error may be brought about, and this method an accurate basis for formulating a reasonable response strat-
solves this problem well by means of piecewise expansion. egy and suppressing network attacks.

Table 1 Absolute error between exact solution and numerical solution of the above formula.
Fuzzy Fractional Differential Type Piecewise Taylor Series Expansion Method Some other known methods
0.00 (2,4) (4,4) (8,4) (1,4)[22] (1,4)[14] S(8,0)[16]
0.25 3.382e-5 1.116e-6 3.369e-8 1.698e-2 1.310e-3 0.432e-5
0.50 4.264e-5 1.229e-6 3.729e-8 0.473e-2 0.185e-3 0.517e-5
0.75 4.264e-5 1.286e-6 3.962e-8 0.175e-2 0.114e-4 0.682e-5
1.00 4.399e-5 1.355e-6 4.46e-8 2.535e-2 0.246e-3 0.956e-5

Please cite this article in press as: Z. Wang et al., Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations, Alexandria Eng.
J. (2020), https://doi.org/10.1016/j.aej.2020.05.014
4 Z. Wang et al.

The autoregressive moving average model is a commonly Because the linear model is a stationary model, we must
used and effective method in time series prediction. The vari- first determine the stability of the network security time series
able r(t) itself is used to explain the variable with its lag term RðtÞ ¼ frðt1 Þ; rðt2 Þ::::rðtn Þg and introduce the delay operator
and random error term. It can be found in the case that the B : rt ¼ rt1 .
data pattern is unknown in advance. A model is suitable for Using the properties of the delay operator B, the ARMA
data review. Therefore, this model uses this model to predict model is transformed into the following form:
network risks and has achieved good results. According to
rtk ðrt  u1 ðB  rt Þ  u2 ðB2  rt Þ:::  up ðBp  rt ÞÞ
the theory of random time series analysis, network security risk ð9Þ
prediction is made based on the security risk value ¼ rtk ða  h1 ðB  at Þ  h2 ðB  at Þ::::  hq ðBq  at ÞÞ
rðt1 Þ; rðt2 Þ::::rðtn Þ:::: of the network security time series before
time t and t. The security risk random variable rtþh ðh  0Þ of (2) Differential transformation
this time series at time t + h (h > 0) to predict, record this pre-

dicted value as rt ðhÞ. This time series is called dynamic data. Since the network security situation time series of non-
The ARMA model can be expressed as ARMAðp; qÞ, where stationary processes can use the differential operator
P is the order of the autoregressive process; R is the order of 4rt ¼ rt  rt1 to perform a first-order differential transforma-
the moving average process, using the following difference tion on the network security sequence
equation model: RðtÞ ¼ frðt1 Þ; rðt2 Þ::::rðtn Þg of non-stationary processes, the
 
rt  u1 rt1  u2 rt2 :::::  up rtp ¼ a1  h1 at1 ::::  hq atq ð8Þ 1
first-order differential sequence R1s ðtÞ ¼ of network
t
Security risk prediction based on the ARMA model security risks is obtained as follows:
includes:  
1
¼ 4rt ¼ ð1  BÞrt ð10Þ
(1) Judgment of stationarity t

Fig. 1 Local risk of each host structure.

Please cite this article in press as: Z. Wang et al., Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations, Alexandria Eng.
J. (2020), https://doi.org/10.1016/j.aej.2020.05.014
Automatic cyber security risk assessment 5

In this way, its growth trend and periodic change trend are
eliminated, and the time series obtained after transformation is
stable, so that the process can be described by ARMA model.
(3) Parameter detection
Get the covariance function in the
determination:
ct ¼ u1 ct1  u2 ct2 :::  up ctp
(4) Model prediction
After solving all the parameters of the ARMA (p, q) model,
the ARMA (p, q) model was rewritten as:
rtþh ¼ u1 rtþh1 þ u2 rtþh2 :::: þ up rtþhp þ atþh  h1 atþh1
 h2 atþh2 :::  hq atþh1 ; h  0
pated in the experiment. Simulate more than 20 kinds of
attacks such as synflood, land, smurf, and teardrop on the net-
work. In the experiment, the update period of the antigen is 4;
the affinity calculation function uses: continuous bit function;
the life cycle of mature immune cells is set to 2 days. In Iremns,
false positives (self-antigens are incorrectly identified as non-
stationary self) should be zero, which is determined by the dynamic toler-
ance mechanism of Iremns. Therefore, in the experiments, only
the correct positive rate (TP) is used to measure Irmns and the
ð11Þ
ability to correctly distinguish between self and non-self.
In the experiment, in order to adjust the parameters of
Irmns, the following experiment was repeated 10 times each
time. In order to increase the correct affirmation rate of
Iremns, the activation threshold of mature immune cells and
the maximum number T of mature immune cells must be
adjusted. Fig. 2 reflects the influence of the activation thresh-
old on the TP value of Iremns. It can be seen from the figure
that the larger the activation threshold, the smaller the TP
ð12Þ value of Iremns. This is because the size of the activation

3.2. Real-time risk assessment

Before calculating network security risks, you should first

know what kind of attacks the host or network is currently
experiencing, that is, classify the memory immune cells in
Mb. To solve this problem, this paper proposes a blood rela-
tionship method. The blood relationship is defined as follows:
consanguinity ¼ f< x; y > jx; y 2 Mb g ð13Þ
There are similar genes between x and y, then the intrusion
detected by x and y may belong to the same type of attack.
Through the largest blood lineage, we can classify the mem-
ory cell Mb; through the gene sequence of the largest blood lin-
eage, we can describe the specific characteristics of each type of
memory cell. Mb records all the attacks that the current system
has encountered. The largest blood lineage two and its gene
sequence two respectively express the types and characteristics
of cyber attacks (the number of types of cyber attacks hit by
the system so far is jpj ¼ n, and the attack characteristics are Fig. 2 Effect of activation threshold TP value.
Agene
i ði ¼ 1; :::nÞ. , The concentration of antibody in memory
cells in Ai indicates the intensity (risk) of the current system
facing type i attack Ai, and the weighted sum of antibody con-
centrations of all memory cells in p (by category Ai) shows the
overall risk of all attacks in the current system .
1
Ri ðtÞ ¼ P 1 ð14Þ
l xp
1þe x2Ci

When Ri ðtÞ ¼ 0, it indicates that attacking Cgene

i ðtÞ does not
threaten the network; when Ri ðtÞ ¼ 1, it indicates that attack-
ing Cgene
i ðtÞ is extremely dangerous to the network. The larger
is Ri ðtÞ, the greater is the threat of the network to Cgene i ðtÞ
attacks. When Ri ðtÞ ¼ 0 indicates that the entire network is
not at risk; when Ri ðtÞ ¼ 1 indicates that the entire network
is extremely dangerous; the larger the R (t) value, the more
dangerous the entire network is.

4. Experimental verification

The experiment was conducted in the network security attack Fig. 3 Effect of the maximum number of mature immune cells
and defense laboratory, and a total of 40 computers partici- on the TP value.

Please cite this article in press as: Z. Wang et al., Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations, Alexandria Eng.
J. (2020), https://doi.org/10.1016/j.aej.2020.05.014
6 Z. Wang et al.

Table 2 Cybersecurity risk levels.

Risk level very low low Lower Medium Higher High Very High
Value at risk 0–0.1 0.1–03 0.3–0.4 0.4–0.6 0.6–0.8 0.8–0.9 0.9–1

Table 3 ‘‘Security Risk Snapshots” of the entire network.

Time 60
Cyber security risk 0.761
Disease types Name Risk indicator
syn. flood 0.705
land 0.112
teardrop 0.023
Epidemic syn. flood
disaster area A,B,C
Need to see a doctor Need

Table 4 Security Risk Snapshot of Host A.

Time 60
Cyber security risk 0.854
Disease types Name Risk indicator
syn. flood 0.797
land 0.115
teardrop 0.043
Epidemic syn. flood
Need to see a doctor Need
threshold determines the number of memory immune cells.
The smaller the activation threshold, the more likely it is that
mature immune cells will be activated and evolved into mem-
ory immune cells during the life cycle, which will lead to a
greater number of memory immune cells generated. It can be
known from the previous morphological space theory that
the larger the number of memory cells, the larger the antigen
space covered, and therefore the larger the TP value of the sys-
tem. Fig. 3 reflects the effect of the maximum number of
mature immune cells on the TP value of Iremns. It can be seen
from the figure that the larger the maximum number of mature
immune cells, the larger the TP value of Iremns. Similar to the
effect of the activation threshold on the TP value of the system,
the larger the maximum number of mature immune cells, the
larger the number of memory immune cells generated, and
therefore the larger the TP value of the system.
The risks of network security can be divided into 7 levels, as
shown in Table 2. In addition, the system can also know what
‘‘illness” is prevalent now (by looking at the memory cells that
are frequently activated in the largest blood relatives in each
computer); where and what ‘‘illness” (by looking at the largest
blood relatives in each computer) System and its genetic
sequence); whether the ‘‘illness” is very serious (a very serious
and fatal network invasion has occurred and the antibody con-
centration of the memory cells that detected the invasion is too
high), you must immediately ask the ‘‘doctor” (security admin-
istrator) for help; form Tables 3 and 4 give a ‘‘network security
snapshot” of the entire network and host A, respectively,
Fig. 4 Forecast of the overall security risk of the mainframe.
which briefly and concisely describes the security risk situation
facing the current system.
In order to verify the prediction effect of the ARMA model,
the gray dynamic prediction GM (1, 1) model based on the
gray theory is compared with the actual calculated risk value
in Fig. 4. From the comparison between the network security
situation predicted by the two models and the actual attack
intensity curve, it can be found that the geometry of the GM
(1, 1) model for the prediction result of the network security
situation is a smooth curve, which can grasp the overall net-
work security situation. When the actual security situation
fluctuates, the GM (1, 1) model predicts a larger security situ-
ation than the actual error. The ARMA-based network secu-
rity situation prediction model is significantly better than the
GM (1, 1) model in predicting the catastrophe of the network
security situation, and it can reduce the impact of random fac-
tors on security situation changes. The predicted network secu-
rity situation and reality risks are closer and have higher
accuracy.
5. Conclusion
A quantitative detection model of immune network security
risk based on fuzzy fractional ordinary differential equations
is proposed, which is a real-time risk detection method for net-
work security a more effective new approach. In addition, this
paper also proposes a dynamic tolerance method to reduce the
system’s false positive rate, and a blood line method to auto-
matically classify network attacks. The shortcomings of cur-
rent network risk detection and prediction are analyzed,
artificial immune technology is applied to network security risk
prediction, and a dynamic network attack detection model
based on immunity and security detection and prediction
model based on antibody concentration are established. This

Please cite this article in press as: Z. Wang et al., Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations, Alexandria Eng.
J. (2020), https://doi.org/10.1016/j.aej.2020.05.014
Automatic cyber security risk assessment
model is analyzed and verified by simulation experiments.
Experimental results show that this model can correctly predict
the current security status of the network. Compared with the
GM (1, 1) model, the results are more accurate and have cer-
tain application and promotion value. This article has mathe-
matically modeled self, non-self, antigen, antibody, immune
cells, clone selection, dynamic evolution of mature immune
cells, and dynamic evolution of memory immune cells in net-
work security. This has universal significance. One step can
not only be used in network security, make necessary changes
to the structure in the corresponding mathematical model and
give different physical explanations, it can also be used in the
research of pattern recognition, combination optimization and
other issues.
Declaration of Competing Interest
The authors declare that they have no known competing
financial interests or personal relationships that could have
appeared to influence the work reported in this paper.
Acknowledgements
This work was supported in part by the Key-Area Research
and Development Program of Guangdong Province, China
No. 2019B010137004 and No. 2019B010136003.
References
[1] Z. Xiong, Z. Ye, J. He, Small agricultural machinery path
intelligent tracking control based on fuzzy immune PID, Jiqiren/
robot 37 (2) (2015) 212–223.
[2] Wu Shaofei, A Traffic Motion Object Extraction Algorithm, Int.
J. Bifurcation Chaos 25 (14) (2015) 1540039.
[3] Qi Zhang, Chunjie Zhou, Naixue Xiong, Multimodel-Based
Incident Prediction and Risk Assessment in Dynamic
Cybersecurity Protection for Industrial Control Systems, IEEE
Trans. Syst. Man Cybernet. Syst. 46 (10) (2015) 8–16.
[4] T. Grandon Gill, Bernardo Rodrigues, Employing Dynamic
Logic in Cybersecurity, J. Information Technol. Res. 6 (1) (2017)
56–75.
[5] Yan Li, Young-Sik Jeong, Byeong-Seok Shin, Crowdsensing
Multimedia Data: Security and Privacy Issues, IEEE
Multimedia 24 (4) (2017) 58–66.
[6] Wu. Shaofei, Mingqing Wang, Yuntao Zou, Research on
internet information mining based on agent algorithm, Future
Generation Computer Syst. 86 (2018) 598–602.
[7] Roberto A. Ku-Carrillo, Sandra E. Delgadillo, B.M. Chen-
Charpentier, A mathematical model for the effect of obesity on
cancer growth and on the immune system response, Appl. Math.
Model. 40 (7–8) (2015) 4908–4920.
[8] Y. Fukuzawa, M. Samejima, An Approach to Risks in Cyber
Physical Systems based on Information Security Psychology,
IEEJ Trans. Electronics Informat. Syst. 134 (6) (2014) 756–759.
[9] Song Deng, Dong Yue, Fu. Xiong, Security risk assessment of
cyber physical power system based on rough set and gene
expression programming, IEEE/CAA J. Autom. Sin. 2 (4)
(2015) 431–439.
Please cite this article in press as: Z. Wang et al., Automatic cyber security risk assessment based on fuzzy fractional ordinary differential equations, Alexandria Eng.
J. (2020), https://doi.org/10.1016/j.aej.2020.05.014
7
[10] Wu. Shaofei, Mingqing Wang, Yuntao Zou, Bidirectional
cognitive computing method supported by cloud technology,
Cognit. Syst. Res. 52 (2018) 615–621.
[11] R. Jorgensen, D. Rowe, N. Wyler, Competitions and
gamification in cybersecurity education and workforce
development and evaluation of real world skills, J. Computing
Sci. Colleges 33 (2017).
[12] G. Kunlun, W. Zhihao, A.N. Ningyu, et al, Construction of the
Immune System of Cyber Security for Electric Power Supervise
and Control System Based on Trusted Computing, Adv. Eng.
Sci. 10 (15) (2017) 345–365.
[13] W. Xinlei, W. Yue, S.O. Law, et al, Strategic Analysis of Cyber
Security Risk Insurance: Based on the Research Structure of
Cyber Insurance Life Process, J. Intelligence 11 (2017) 323–334.
[14] J. Yang, C. Zhou, S. Yang, et al, Anomaly Detection Based on
Zone Partition for Security Protection of Industrial Cyber-
Physical Systems, IEEE Trans. Ind. Electron. 10 (11) (2017) 22–
39.
[15] Nir Nissim, Aviad Cohen, Yuval Elovici, ALDOCX: Detection
of Unknown Malicious Microsoft Office Documents Using
Designated Active Learning Methods Based on New Structural
Feature Extraction Methodology, IEEE Trans. Inf. Forensics
Secur. 12 (3) (2017) 631–646.
[16] Wu. Shaofei, Nonlinear information data mining based on time
series for fractional differential operators, Chaos 29 (2019)
013114.
[17] N.Z. Khidzir, K.A.M. Daud, A.R. Ismail, et al, Information
Security Requirement: The Relationship Between Cybersecurity
Risk Confidentiality, Integrity Availability Digital Social Media
(2018) 229–237.
[18] M. Janusz Kusyk, Umit Uyar, Cem Safak Sahin. Survey on
evolutionary computation methods for cybersecurity of mobile
ad hoc networks, Evol. Intel. 10 (1) (2018) 1–23.
[19] YuS. Vasilev, D.P. Zegzhda, M.A. Poltavtseva, Problems of
Security in Digital Production and Its Resistance to Cyber
Threats, Automatic Control Comput. Sci. 52 (8) (2018) 1090–
1100.
[20] K. Nunley, Cybersecurity in the nation’s capitol: banquet
speaker, J. Comput. Sci. Colleges 32 (2017).
[21] A. Bindra, From the Grid to the Point-of-Load, Cybersecurity
Is Taking Precedence [From the Editor], IEEE Power Electron.
Mag. 4 (3) (2017) 4–6.
[22] R. Wang, P. Li, Research on Network Malicious Code Immune
Based on Imbalanced Support Vector Machines, Chinese J.
Electronics 24 (1) (2015) 181–186.
[23] Michael Levi, Matthew Leighton, Williams. Multi-agency
partnerships in cybercrime reduction: Mapping the UK
information assurance network cooperation space,
Information Manage. Comput. Security 21 (5) (2013) 420–443.
[24] U.S.G.A. Office, Cybersecurity: National Strategy, Roles, and
Responsibilities Need to Be Better Defined and More Effectively
Implemented, Government Accountability Office Rep. (2013)
282–289.
[25] Wu. Shaofei, Jun Liu, Lizhi Liu, Modeling method of internet
public information data mining based on probabilistic topic
model, J. Supercomput. 75 (2019) 5882–5897.
[26] N.A. Giacobe, Measuring the Effectiveness of Visual Analytics
and Data Fusion Techniques on Situation Awareness in Cyber-
security, Dissertations & Theses - Gradworks (2013) 236–245.