Högskolan i Skövde

A selective ensemble model for cognitive cybersecurity analysis
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningsmiljön Informationsteknologi. (Distributed Real-Time Systems (DRTS)) ORCID iD: 0000-0003-4791-8452
Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningsmiljön Informationsteknologi. (Distributed Real-Time Systems (DRTS)) ORCID iD: 0000-0002-7312-9089
2021 (English). In: Journal of Network and Computer Applications, ISSN 1084-8045, E-ISSN 1095-8592, Vol. 193, article id 103210. Article in journal (Refereed). Published
Abstract [en]

Dynamic data-driven vulnerability assessments face massive heterogeneous data contained in, and produced by SOCs (Security Operations Centres). Manual vulnerability assessment practices result in inaccurate data and induce complex analytical reasoning. Contemporary security repositories’ diversity, incompleteness and redundancy contribute to such security concerns. These issues are typical characteristics of public and manufacturer vulnerability reports, which exacerbate direct analysis to root out security deficiencies. Recent advances in machine learning techniques promise novel approaches to overcome these notorious diversity and incompleteness issues across massively increasing vulnerability reports corpora. Yet, these techniques themselves exhibit varying degrees of performance as a result of their diverse methods. We propose a cognitive cybersecurity approach that empowers human cognitive capital along two dimensions. We first resolve conflicting vulnerability reports and preprocess embedded security indicators into reliable data sets. Then, we use these data sets as a base for our proposed ensemble meta-classifier methods that fuse machine learning techniques to improve the predictive accuracy over individual machine learning algorithms. The application and implication of this methodology in the context of vulnerability analysis of computer systems are yet to unfold the full extent of its potential. The proposed cognitive security methodology in this paper is shown to improve performances when addressing the above-mentioned incompleteness and diversity issues across cybersecurity alert repositories. The experimental analysis conducted on actual cybersecurity data sources reveals interesting tradeoffs of our proposed selective ensemble methodology, to infer patterns of computer system vulnerabilities.

Place, publisher, year, edition, pages
Elsevier, 2021. Vol. 193, article id 103210
Keywords [en]
Information security, Vulnerability analysis, Data correlation, Machine learning, Ensemble, Data mining, Database management
National subject category
Other electrical engineering and electronics
Research subject
Distributed Real-Time Systems (DRTS)
Identifiers
URN: urn:nbn:se:his:diva-20524
DOI: 10.1016/j.jnca.2021.103210
ISI: 000709557700008
Scopus ID: 2-s2.0-85114497022
OAI: oai:DiVA.org:his-20524
DiVA, id: diva2:1591151
Note

CC BY 4.0

Available online 4 September 2021, 103210

This research has been supported in part by EU ISF (Internal Security Fund) in the context of Project Grant # A431.678/2016.

Available from: 2021-09-06. Created: 2021-09-06. Last updated: 2021-11-11. Bibliographically reviewed

Open Access in DiVA

fulltext (3107 kB), 293 downloads
File information
File name: FULLTEXT03.pdf. File size: 3107 kB. Checksum (SHA-512):
b1128df4a05490729f48c72fcc4136a52d43b9fe29182cbce186c2a621dbee9ffaf7997f373bfe7b452ca9164a048ad109e4f7d52d1e3a398bb8f54f3f32ce44
Type: fulltext. MIME type: application/pdf

Persons

Jiang, Yuning; Atif, Yacine