数据驱动的网络安全漏洞分类框架

IF 2.2 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IT Professional Pub Date : 2024-05-01 DOI:10.1109/mitp.2024.3374096

Priyanka Rani, Abhijit Kumar Nag, Rifat Shahriyar

{"title":"数据驱动的网络安全漏洞分类框架","authors":"Priyanka Rani, Abhijit Kumar Nag, Rifat Shahriyar","doi":"10.1109/mitp.2024.3374096","DOIUrl":null,"url":null,"abstract":"Unauthorized access to sensitive or confidential data results in a data breach, which can cause significant harm to an organization. Reporting breaches and reviewing prior records can help reduce damages. To aid in preparation, antivirus and security companies have published data breach reports, but they can be difficult to comprehend and require substantial effort to study. This article proposes a data breach incident classification framework using machine learning algorithms (naive Bayes, logistic regression, support vector machine, and random forest) on a dataset from the Privacy Rights Clearinghouse. The framework’s performance is evaluated using various metrics, including accuracy, F1 score, and confusion matrix. The article also employs topic modeling with latent Dirichlet allocation to enhance the classification’s accuracy.","PeriodicalId":49045,"journal":{"name":"IT Professional","volume":"32 1","pages":""},"PeriodicalIF":2.2000,"publicationDate":"2024-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Data-Driven Classification Framework for Cybersecurity Breaches\",\"authors\":\"Priyanka Rani, Abhijit Kumar Nag, Rifat Shahriyar\",\"doi\":\"10.1109/mitp.2024.3374096\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Unauthorized access to sensitive or confidential data results in a data breach, which can cause significant harm to an organization. Reporting breaches and reviewing prior records can help reduce damages. To aid in preparation, antivirus and security companies have published data breach reports, but they can be difficult to comprehend and require substantial effort to study. This article proposes a data breach incident classification framework using machine learning algorithms (naive Bayes, logistic regression, support vector machine, and random forest) on a dataset from the Privacy Rights Clearinghouse. The framework’s performance is evaluated using various metrics, including accuracy, F1 score, and confusion matrix. The article also employs topic modeling with latent Dirichlet allocation to enhance the classification’s accuracy.\",\"PeriodicalId\":49045,\"journal\":{\"name\":\"IT Professional\",\"volume\":\"32 1\",\"pages\":\"\"},\"PeriodicalIF\":2.2000,\"publicationDate\":\"2024-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IT Professional\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/mitp.2024.3374096\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IT Professional","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/mitp.2024.3374096","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

未经授权访问敏感或机密数据会导致数据泄露，从而对组织造成重大损害。报告外泄事件和审查以前的记录有助于减少损失。为了帮助做好准备，杀毒软件和安全公司发布了数据泄露报告，但这些报告可能难以理解，需要花费大量精力进行研究。本文在隐私权信息交换所的数据集上使用机器学习算法（天真贝叶斯、逻辑回归、支持向量机和随机森林）提出了一个数据泄露事件分类框架。该框架的性能使用各种指标进行评估，包括准确率、F1 分数和混淆矩阵。文章还采用了潜在 Dirichlet 分配的主题建模来提高分类的准确性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Data-Driven Classification Framework for Cybersecurity Breaches

Unauthorized access to sensitive or confidential data results in a data breach, which can cause significant harm to an organization. Reporting breaches and reviewing prior records can help reduce damages. To aid in preparation, antivirus and security companies have published data breach reports, but they can be difficult to comprehend and require substantial effort to study. This article proposes a data breach incident classification framework using machine learning algorithms (naive Bayes, logistic regression, support vector machine, and random forest) on a dataset from the Privacy Rights Clearinghouse. The framework’s performance is evaluated using various metrics, including accuracy, F1 score, and confusion matrix. The article also employs topic modeling with latent Dirichlet allocation to enhance the classification’s accuracy.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IT Professional COMPUTER SCIENCE, INFORMATION SYSTEMS-COMPUTER SCIENCE, SOFTWARE ENGINEERING

CiteScore

5.00

自引率

0.00%

发文量

111

审稿时长

>12 weeks

期刊介绍： IT Professional is a technical magazine of the IEEE Computer Society. It publishes peer-reviewed articles, columns and departments written for and by IT practitioners and researchers covering: practical aspects of emerging and leading-edge digital technologies, original ideas and guidance for IT applications, and novel IT solutions for the enterprise. IT Professional’s goal is to inform the broad spectrum of IT executives, IT project managers, IT researchers, and IT application developers from industry, government, and academia.