Entropy-Driven Decision-Making for Cybersecurity Risk Assessment using PULq-ROFS and the CODAS Technique

Abstract

Multi-criteria group decision-making (MCGDM) is a significant  procedure because it facilitates and enhances decision-making (DM) by  incorporating diverse variables and professional viewpoints, producing more  adequate results. A set of flexibility to manage confusion and un-predictable information is improved by adding probability which makes choices more  predictable. The present work suggests a technique that utilizes fuzziness to  handle MCGDM issues that frequently arise in cybersecurity risk assessment.  This strategy overcomes the fundamental difficulties in privacy and security  information by using the probabilistic uncertain linguistic q-rung orthopair  fuzzy set (PULq-ROFS). Comparedwith other fuzzy collections, such as  statistical tentative, linguistically in-tuitionistic, and linguistically Euclidean  imprecise collections that effec-tively include erratic and non erraticproblems, the PULq-ROFS provides multiple characteristics. To  advance this framework, we propose two new operators the PULq-ROF  einstein weighted average (PULq-ROFEWA) and PULq-ROF Einstein order  weighted average (PULq-ROFEOWA) that efficiently integrate the statistical  lexical choice data. These operations introduce a creative concept within the  PULq-ROF context. Furthermore, by applying the entropy technique, we  determine the relative weights of parameters based on their informational  contribution to the study.  In addition, we employ the combinative distance-based assessment  (CODAS) method to evaluate choices according to their distance from the  least op-timal solution, thereby ensuring a more accurate and reliable  decision-making procedure. The suggested PULq-ROF-CODAS  technique effi-ciency is illustrated by its implementation in cybersecurity  risk assess-ments, where managing ambiguities and communication  judgment are critical. The results support the theoretical frameworks  capacity to rank cybersecurity threats based on significance while maintaining agreement between specialist perspectives and collective  evaluations, ultimately con-tributing to stronger and more well-planned cybersecurity mechanisms.