Please use this identifier to cite or link to this item:

Matching Possible Mitigations to Cyber Threats: A Document-Driven Decision Support Systems Approach

File Size Format  
0630.pdf 384.35 kB Adobe PDF View/Open

Item Summary

Title:Matching Possible Mitigations to Cyber Threats: A Document-Driven Decision Support Systems Approach
Authors:Mcneil, Martha
Noteboom, Cherie
Liu, Jun
El-Gayar, Omar
Llanso, Thomas
Keywords:Cybersecurity and Software Assurance
cyber security
machine learning
risk assessment
show 1 morethreat
show less
Date Issued:07 Jan 2020
Abstract:Despite more than a decade of heightened focus on cybersecurity, the threat continues. To address possible impacts, cyber threats must be addressed. Mitigation catalogs exist in practice today, but these do not map mitigations to the specific threats they counter. Currently, mitigations are manually selected by cybersecurity experts (CSE) who are in short supply. To reduce labor and improve repeatability, an automated approach is needed for matching mitigations to cyber threats. This research explores the application of supervised machine learning and text retrieval techniques to automate matching of relevant mitigations to cyber threats where both are expressed as text, resulting in a novel method that combines two techniques: support vector machine classification and latent semantic analysis. In five test cases, the approach demonstrates high recall for known relevant mitigation documents, bolstering confidence that potentially relevant mitigations will not be overlooked. It automatically excludes 97% of non-relevant mitigations, greatly reducing the CSE’s workload over purely manual matching.
Pages/Duration:10 pages
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
Appears in Collections: Cybersecurity and Software Assurance

Please email if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons