Using Machine Learning for Description and Inference of Cyber Threats, Vulnerabilities, and Mitigations

Srinivasan, Ashwin

Author(s)

Srinivasan, Ashwin

DownloadThesis PDF (967.3Kb)

Advisor

Hemberg, Erik

O’Reilly, Una-May

Terms of use

In Copyright - Educational Use Permitted Copyright MIT http://rightsstatements.org/page/InC-EDU/1.0/

Metadata

Show full item record

Abstract

Machine learning and natural language processing (NLP) can help describe and make inferences on the vast amount of text data in cybersecurity. We use a graph database named BRON, which contains data from publicly available threat and vulnerability sources, for machine learning inference. Applying machine learning to BRON can provide us with more robust relationships, which can improve defenses against cyber threats. We experiment with different feature representations and subsets of the data, and show that machine learning and NLP can effectively classify edges between entries from different data sources as well as predict possible edge candidates. Experts agree that several of our predicted candidates are plausible edges. We also analyze defensive mitigation similarities using NLP techniques and find that there are identical mitigation descriptions for some entries that have internal relationships.

Date issued

2022-02

URI

https://hdl.handle.net/1721.1/143257

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Collections

Graduate Theses