1 Introduction
Risk analysis [8] [11] [12] is fundamentally all about es-tablishing probabilities. Different people have different opinions about risk and the association of its dependent variables and in our previous research we have used fuzzy logic to model risk [6]. In the DIPS framework [6], the risk analysis was done using threat levels, vulnerability and asset value [5]. We consider that all components within a network scenario falls into one of these categories, and each has attributes, or derived factors, that contribute positively or negatively to risk.