Print Email Facebook Twitter Automating cyber security advisories Title Automating cyber security advisories: Supervised machine learning for automated decision making Author Weegink, Stefan (TU Delft Electrical Engineering, Mathematics and Computer Science) Contributor Zarras, A. (mentor) Degree granting institution Delft University of Technology Programme Computer Science Date 2022-09-27 Abstract There is an everlasting struggle for organisations to remediate vulnerabilities in IT systems before being the victim of an exploitation. Organisations try to reduce this struggle by turning to specialized cyber organisations, which use their expertise to recommend resolving a subset of vulnerabilities. Unfortunately, the process of recommending a selection of vulnerabilities is primarily done manually. Manual labour is time consuming and requires skilled personnel. Automating cyber advisories reduces both these problems.We introduce ACSA, a process designed for the Automation of Cyber Security Advisories. ACSA creates a dataset that can be used by advisory publishers to automate their publications with minimal effort. The dataset contains around 90,000 advisories which are filtered by a machine learning model to the set published by the organisation. We applied the ACSA process and dataset to both the Dutch and Canadian NCSC and found that on average we can already automate the majority of advisories. This constitutes a significant workload reduction in comparison to the situation prior to the automation. Even better results are observed when looking at the performance of ACSA on specific vendors. For some vendors we are able to automate more than 90% of the advisories while creating minimal false positives. Subject automated advisoriespatch prioritizationvulnerability prioritisationkeyword extractionsupervised learningexploit prediction To reference this document use: http://resolver.tudelft.nl/uuid:008e979d-7683-4810-b1d0-160008e18d95 Part of collection Student theses Document type master thesis Rights © 2022 Stefan Weegink Files PDF MSc_Thesis_Stefan_Weegink.pdf 2.66 MB Close viewer /islandora/object/uuid:008e979d-7683-4810-b1d0-160008e18d95/datastream/OBJ/view