PERCEIVE: Proactive Exploration of Risky Concept Emergence for Identifying Vulnerabilities & Exposures

Files

Paradis_hawii_0085A_11036.pdf (6.42 MB)

Date

2021

Authors

Contributor

Advisor

Kazman, Rick

Department

Computer Science

Instructor

Depositor

Speaker

Researcher

Consultant

Interviewer

Narrator

Transcriber

Annotator

Journal Title

Journal ISSN

Volume Title

Publisher

Volume

Number/Issue

Starting Page

Ending Page

Alternative Title

Abstract

National databases that collect various kinds of textual threat reports such as ASRS, CERT, and NVD manually process their reports individually. They then offer data products to disseminate the aggregate information, like newsletters, alerts or individual report searching. The goal of this research is to connect these individual reports thematically and temporally to identify emerging or recurring threats, by analyzing large collections of text, source code, collaboration and communication patterns. This capability, I argue, enables us to identify the emergence and recurrence of such themes, and the contexts in which they re-occur, facilitating faster and more capable mitigation. I propose two models to shed light on this goal: An empirical model of vulnerabilities as bugs, the commit flow model, and one of the vulnerabilities and aviation safety threats as topics, the topic flow model. I use as gold standard existing manual workflows in both domains, reflected in the existing data products by these organizations, and empirically evaluate if the automated models can match or outperform existing manual practices.

Description

Keywords

Computer science, Artificial intelligence, Aerospace engineering, ASRS, aviation, NLP, safety threat, software vulnerability, topic modeling

Citation

URI

http://hdl.handle.net/10125/75926

Extent

145 pages

Format

Geographic Location

Time Period

Related To

Related To (URI)

Table of Contents

Rights

All UHM dissertations and theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission from the copyright owner.

Rights Holder

Local Contexts

Collections

Ph.D. - Computer Science
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.