Högskolan i Skövde

A selective ensemble model for cognitive cybersecurity analysis
University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment. (Distribuerade realtidssystem, Distributed Real-Time Systems (DRTS)) ORCID iD: 0000-0003-4791-8452
University of Skövde, School of Informatics. University of Skövde, Informatics Research Environment. (Distribuerade realtidssystem, Distributed Real-Time Systems (DRTS)) ORCID iD: 0000-0002-7312-9089
2021 (English). In: Journal of Network and Computer Applications, ISSN 1084-8045, E-ISSN 1095-8592, Vol. 193, article id 103210. Article in journal (Refereed), Published
Abstract [en]

Dynamic data-driven vulnerability assessments face massive heterogeneous data contained in, and produced by SOCs (Security Operations Centres). Manual vulnerability assessment practices result in inaccurate data and induce complex analytical reasoning. Contemporary security repositories’ diversity, incompleteness and redundancy contribute to such security concerns. These issues are typical characteristics of public and manufacturer vulnerability reports, which exacerbate direct analysis to root out security deficiencies. Recent advances in machine learning techniques promise novel approaches to overcome these notorious diversity and incompleteness issues across massively increasing vulnerability reports corpora. Yet, these techniques themselves exhibit varying degrees of performance as a result of their diverse methods. We propose a cognitive cybersecurity approach that empowers human cognitive capital along two dimensions. We first resolve conflicting vulnerability reports and preprocess embedded security indicators into reliable data sets. Then, we use these data sets as a base for our proposed ensemble meta-classifier methods that fuse machine learning techniques to improve the predictive accuracy over individual machine learning algorithms. The application and implication of this methodology in the context of vulnerability analysis of computer systems are yet to unfold the full extent of its potential. The proposed cognitive security methodology in this paper is shown to improve performances when addressing the above-mentioned incompleteness and diversity issues across cybersecurity alert repositories. The experimental analysis conducted on actual cybersecurity data sources reveals interesting tradeoffs of our proposed selective ensemble methodology, to infer patterns of computer system vulnerabilities.

Place, publisher, year, edition, pages
Elsevier, 2021. Vol. 193, article id 103210
Keywords [en]
Information security, Vulnerability analysis, Data correlation, Machine learning, Ensemble, Data mining, Database management
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Distributed Real-Time Systems
Identifiers
URN: urn:nbn:se:his:diva-20524
DOI: 10.1016/j.jnca.2021.103210
ISI: 000709557700008
Scopus ID: 2-s2.0-85114497022
OAI: oai:DiVA.org:his-20524
DiVA, id: diva2:1591151
Note

CC BY 4.0

Available online 4 September 2021, 103210

This research has been supported in part by EU ISF (Internal Security Fund) in the context of Project Grant # A431.678/2016.

Available from: 2021-09-06. Created: 2021-09-06. Last updated: 2021-11-11. Bibliographically approved

Open Access in DiVA

fulltext (3107 kB), 343 downloads
File information
File name: FULLTEXT03.pdf. File size: 3107 kB. Checksum SHA-512:
b1128df4a05490729f48c72fcc4136a52d43b9fe29182cbce186c2a621dbee9ffaf7997f373bfe7b452ca9164a048ad109e4f7d52d1e3a398bb8f54f3f32ce44
Type: fulltext. Mimetype: application/pdf


Authority records

Jiang, Yuning; Atif, Yacine
