Date of Award
4-2019
Document Type
Master Thesis
Degree Name
Masters of Science (Research)
Department
Computing
First Advisor
Mr Andrew Shields
Second Advisor
Dr Pat Doody
Abstract
The risk of cyber-attacks exploiting vulnerable organisations has increased significantly over the past several years. Cyber-attacks can be described as any type of aggressive strategy which targets computer information systems, computer networks, personal computer systems or other organisational infrastructures which may originate internally or externally. These attacks may combine to exploit a vulnerability breach within a system’s protection strategy which has the potential for loss, damage or destruction of assets. Consequently, every vulnerability has an accompanying risk which is defined as the “intersection of assets, threats, and vulnerabilities”.
This research project uses various types of recommender system techniques, employed for the identification and similarity-based ranking of cyber security information, relating to software and hardware vulnerabilities. Here the hypothesis is that the similarity-based ranking of this cyber security information can increase the user satisfaction of security personnel through a ranked list of recommended security information. For this research project, Top-N collaborative filtering recommender system techniques were used, specifically the User-Based and Item-Based Memory-Based methods and state-of-the-art approaches of SLIM and FISM. Three User-Item-Rating datasets were constructed through the National Vulnerability Database (NVD) which were employed by the recommendation techniques. In addition, Top-N evaluation was performed through the AUC, NDCG and MAP metrics.
Results show that the FISM Top-N techniques outperform both Memory-Based methods and the SLIM approach for all three software and hardware user-item-rating datasets. This Top-N Collaborative Filtering technique obtained the highest Top-N evaluation accuracy, which offers security personnel a top 10 recommendation list of software and hardware vulnerabilities based on the similarity of vulnerable assets and a vulnerability severity score. Furthermore, the FISM technique shows a significant improvement over Memory-Based and other state-of-the-art Collaborative Filtering techniques, through the Top-N evaluation of alternate real recommender system datasets.
Recommended Citation
Coleman, Shane, "Machine Learning for Real-Time Data-Driven Security Practices" (2019). Theses [online].
Available at: https://sword.cit.ie/allthe/812
Access Level
info:eu-repo/semantics/openAccess
Coverage
July 2024