Logistic Regression Model for Predicting Warning 'Incident' Rates and Implications for the Common Vulnerability Scoring System

Author: Liu, Enhao
Language: English
Year of publication: 2017
Subject:
Document type: Text
Description: Sophisticated cyber attackers exploit vulnerabilities to access restricted information. It is critical for cyber security administrators to reveal the associations among vulnerabilities and attacks. Since attacks are rare events, a more general class of cyber security events might be called “warnings”, which might be viewed as one type of “incident” and which usually involve no data breach. Yet, even with a warning there are generally significant expenses for investigation and resolution. The purpose of this thesis is to provide a statistical model to analyze which vulnerability factors significantly affect warnings, and to predict the probability of incidents on hosts according to real-world data. The warning incident events are dichotomous outcomes. To fit the binary logistic regression model, a number of data preparation steps are required, including aggregation and imputation. After converting vulnerability-based data to host-based data that covers all the information related to the cyber environment factors, the logistic regression model is used to evaluate the associations among these factors and warning incidents. After a series of statistical diagnostics conducted to validate the proposed model, the analyses of the effects of factors on the probability of warning incidents are presented. Specifically, the worst severity level of vulnerabilities on a host, as measured by the Common Vulnerability Scoring System, is found to significantly predict outcomes, along with several other variables relevant to clarifying the system state. The resulting models and other factors, including operating system, host type and the mode of management, offer important implications for cyber security professionals and for the Common Vulnerability Scoring System itself.
Database: Networked Digital Library of Theses & Dissertations