Document Type
Conference Proceeding
Publication Date
2020
Abstract
Despite more than a decade of heightened focus on cybersecurity, the threat continues. To address possible impacts, cyber threats must be addressed. Mitigation catalogs exist in practice today, but these do not map mitigations to the specific threats they counter. Currently, mitigations are manually selected by cybersecurity experts (CSE) who are in short supply. To reduce labor and improve repeatability, an automated approach is needed for matching mitigations to cyber threats. This research explores the application of supervised machine learning and text retrieval techniques to automate matching of relevant mitigations to cyber threats where both are expressed as text, resulting in a novel method that combines two techniques: support vector machine classification and latent semantic analysis. In five test cases, the approach demonstrates high recall for known relevant mitigation documents, bolstering confidence that potentially relevant mitigations will not be overlooked. It automatically excludes 97% of non-relevant mitigations, greatly reducing the CSE’s workload over purely manual matching
Recommended Citation
@inproceedings{McNeil2020MatchingPM, title={Matching Possible Mitigations to Cyber Threats: A Document-Driven Decision Support Systems Approach}, author={Martha McNeil and Cherie Noteboom and Jiwang Liu and Omar El-Gayar and Thomas Llansó}, booktitle={HICSS}, year={2020} }