Matching Possible Mitigations to Cyber Threats: A Document-Driven Decision Support Systems Approach
| dc.contributor.author | Mcneil, Martha | |
| dc.contributor.author | Noteboom, Cherie | |
| dc.contributor.author | Liu, Jun | |
| dc.contributor.author | El-Gayar, Omar | |
| dc.contributor.author | Llanso, Thomas | |
| dc.date.accessioned | 2020-01-04T08:30:26Z | |
| dc.date.available | 2020-01-04T08:30:26Z | |
| dc.date.issued | 2020-01-07 | |
| dc.description.abstract | Despite more than a decade of heightened focus on cybersecurity, the threat continues. To address possible impacts, cyber threats must be addressed. Mitigation catalogs exist in practice today, but these do not map mitigations to the specific threats they counter. Currently, mitigations are manually selected by cybersecurity experts (CSE) who are in short supply. To reduce labor and improve repeatability, an automated approach is needed for matching mitigations to cyber threats. This research explores the application of supervised machine learning and text retrieval techniques to automate matching of relevant mitigations to cyber threats where both are expressed as text, resulting in a novel method that combines two techniques: support vector machine classification and latent semantic analysis. In five test cases, the approach demonstrates high recall for known relevant mitigation documents, bolstering confidence that potentially relevant mitigations will not be overlooked. It automatically excludes 97% of non-relevant mitigations, greatly reducing the CSE’s workload over purely manual matching. | |
| dc.format.extent | 10 pages | |
| dc.identifier.doi | 10.24251/HICSS.2020.780 | |
| dc.identifier.isbn | 978-0-9981331-3-3 | |
| dc.identifier.uri | http://hdl.handle.net/10125/64522 | |
| dc.language.iso | eng | |
| dc.relation.ispartof | Proceedings of the 53rd Hawaii International Conference on System Sciences | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.subject | Cybersecurity and Software Assurance | |
| dc.subject | cyber security | |
| dc.subject | machine learning | |
| dc.subject | mitigation | |
| dc.subject | risk assessment | |
| dc.subject | threat | |
| dc.title | Matching Possible Mitigations to Cyber Threats: A Document-Driven Decision Support Systems Approach | |
| dc.type | Conference Paper | |
| dc.type.dcmi | Text |
Files
Original bundle
1 - 1 of 1