Document Type : Original Article


Department of Industrial Engineering, Science and Research Branch, Islamic Azad University, Tehran, Iran.


Network security is paramount in safeguarding the integrity of computer networks and the data they host. The primary objective of network security is to protect data from cyber-attacks and ensure the overall reliability of the network. A robust network security strategy deploys various solutions to shield data within networks, safeguarding both users and organizations from potential threats. This paper introduces a novel approach to evaluating computer network security using Data Envelopment Analysis (DEA), a mathematical method designed to measure the performance of Decision-Making Units (DMUs) employing identical inputs to yield identical outputs. We present a practical application of DEA to assess the security of 10 distinct networks, treating them as DMUs. The resulting performance measurements allow us to classify computer network security into four levels: "terribly insecure," "insecure," "safe," and "very safe. To optimize the discriminating power of DEA, we employ Principal Component Analysis (PCA) to reduce the number of inputs and outputs. It not only enhances the precision of our evaluation but also ensures that the number of DMUs remains well-suited to the analysis. As a rule of thumb, the number of DMUs should be at least three times larger than the sum of the numbers of inputs and outputs to maintain DEA's discriminating power. Through the combined application of DEA and PCA, this research contributes a comprehensive and efficient method for evaluating and classifying computer network security, providing valuable insights for enhancing overall network resilience against cyber threats.


[1]     Xie, Q., Zhu, Y., Shang, H., & Li, Y. (2021). Variations on the theme of slacks-based measure of efficiency: convex hull-based algorithms. Computers & industrial engineering, 159.
[2]     Simmonds, A., Sandilands, P., & Van Ekert, L. (2004). An ontology for network security attacks. Applied computing (pp. 317–323). Berlin, Heidelberg: Springer Berlin Heidelberg.
[3]     Pawar, M. V, & Anuradha, J. (2015). Network security and types of attacks in network. Procedia computer science, 48, 503–506.
[4]     Greitzer, F. L., & Hohimer, R. E. (2011). Modeling human behavior to anticipate insider attacks. Journal of strategic security, 4(2), 25–48.
[5]    Charnes, A., Cooper, W. W., & Rhodes, E. (1978). Measuring the efficiency of decision making units. European journal of operational research, 2(6), 429–444.
[6]    Farrell, M. J. (2018). The measurement of productive efficiency. Royal statistical society. Journal series a: general, 120(3), 253–281.
[7]    Banker, R. D., Charnes, A., & Cooper, W. W. (1984). Some models for estimating technical and scale inefficiencies in data envelopment analysis. Management science, 30(9), 1078–1092.
[8]   Adler, N., & Golany, B. (2001). Evaluation of deregulated airline networks using data envelopment analysis combined with principal component analysis with an application to Western Europe. European journal of operational research, 132(2), 260–273.
[9]   Tone, K. (2001). A slacks-based measure of efficiency in data envelopment analysis. European journal of operational research, 130(3), 498–509.
[10]  Shermeh, H. E., Najafi, S. E., & Alavidoost, M. H. (2016). A novel fuzzy network SBM model for data envelopment analysis: a case study in Iran regional power companies. Energy, 112, 686–697.
[11]   Rasoulzadeh, M., Edalatpanah, S. A., Fallah, M., & Najafi, S. E. (2022). A multi-objective approach based on Markowitz and DEA cross-efficiency models for the intuitionistic fuzzy portfolio selection problem. Decision making: applications in management and engineering, 5(2), 241–259.
[12] Nojehdehi, R. R., Abianeh, P. M. M., & Valami, H. B. (2012). A geometrical approach for fuzzy production possibility set in data envelopment analysis (DEA) with fuzzy input-output levels. African journal of business management, 6(7), 2738.
[13]   Ghasemi, N., Najafi, E., Hoseinzadeh Lotfi, F., & Movahedi Sobhani, F. (2020). Assessing the performance of organizations with the hierarchical structure using data envelopment analysis: an efficiency analysis of Farhangian University. Measurement, 156, 107609.
[14]   Najafi, E., Aryanezhad, M., & others. (2011). A BSC-DEA approach to measure the relative efficiency of service industry: a case study of banking sector. International journal of industrial engineering computations, 2(2), 273–282.
[15]   Lotfi, F. H., Sadjadi, S. J., Khaki, A., & Najafi, E. (2010). A combined interval net DEA and BSC for evaluating organizational efficiency. Applied mathematical sciences, 4(36–39), 1975–1999.
[16]   Kianfar, K., Ahadzadeh Namin, M., Alam Tabriz, A., Najafi, E., & Hosseinzadeh Lotfi, F. (2023). Presentation of a novel integrated DEA-BSC model with network structure in multi objective problems. International journal of data envelopment analysis, 3(11).
[17]   Jaberi Hafshjani, M., Najafi, S. E., Hosseinzadeh Lotfi, F., & Hajimolana, S. M. (2021). A hybrid BSC-DEA model with indeterminate information. Journal of mathematics, 2021, 8867135.
[18]   Rasinojehdehi, R., & Valami, H. B. (2023). A comprehensive neutrosophic model for evaluating the efficiency of airlines based on SBM model of network DEA. Decision making: applications in management and engineering, 6(2), 880–906.
[19]   Bagherzadeh Valami, H., & Raeinojehdehi, R. (2016). Ranking units in data envelopment analysis with fuzzy data. Journal of intelligent & fuzzy systems, 30, 2505–2516. DOI:10.3233/IFS-151756
[20]   Shirin Karami, R. G. Y., & Mousazadegan, F. (2021). Supplier selection and evaluation in the garment supply chain: an integrated DEA–PCA–VIKOR approach. The journal of the textile institute, 112(4), 578–595.
[21]   Łozowicka, A., & Lach, B. (2022). CI-DEA: a way to improve the discriminatory power of DEA— using the example of the efficiency assessment of the digitalization in the life of the generation 50+. Sustainability, 14(6).
[22]   Peixoto, M. G. M., Musetti, M. A., & de Mendonça, M. C. A. (2020). Performance management in hospital organizations from the perspective of principal component analysis and data envelopment analysis: the case of federal university hospitals in Brazil. Computers & industrial engineering, 150.
[23]   Horng, S. J., Su, M. Y., Chen, Y. H., Kao, T. W., Chen, R. J., Lai, J. L., & Perkasa, C. D. (2011). A novel intrusion detection system based on hierarchical clustering and support vector machines. Expert systems with applications, 38(1), 306–313.
[24]   Ahmad, B., Jian, W., Ali, Z. A., Tanvir, S., & Khan, M. S. (2019). Hybrid anomaly detection by using clustering for wireless sensor network. Wireless personal communications: an international journal, 106(4), 1841–1853.
[25]   Tran, D., Ma, W., & Sharma, D. (2008). Network anomaly detection using fuzzy gaussian mixture models. International journal of future generation communication and networking, 1(1), 37–42.
[26]   Golmah, V. (2014). An efficient hybrid intrusion detection system based on C5. 0 and SVM. International journal of database theory and application, 7(2), 59–70.
[27]   Mulak, P., & Talhar, N. (2014). Novel intrusion detection system using hybrid aprroach. International journal of advanced research in computer science and software engineering, 4(11).
[28]   Takkellapati, V. S., & Prasad, G. (2012). Network intrusion detection system based on feature selection and triangle area support vector machine. International journal of engineering trends and technology, 3(4), 466–470.
[29]   Ioannis, K., Dimitriou, T., & Freiling, F. C. (2007). Towards intrusion detection in wireless sensor networks. Proc. of the 13th European wireless conference (pp. 1–10).
[30]   Amini, M., & Jalili, R. (2004). Network-based intrusion detection using unsupervised adaptive resonance theory (art). Proceedings of the 4th conference on engineering of intelligent systems (eis 2004) (pp. 1–7).
[31]   Yang, X., & Zhu, A. (2021). Research on computer network security emergency response systematization. Journal of physics: conference series, 1771(1), 1–6.