Comparative Analysis of Machine Learning Models to Predict Common Vulnerabilities and Exposure

Authors

  • Shaesta Khan Sheh Rahman, Centre for Mathematical Sciences, Universiti Malaysia Pahang Al-Sultan Abdullah, Lebuh Persiaran Tun Khalil Yaakob, 26300 Kuantan, Pahang, Malaysia
  • Noraziah Adzhar, Centre for Mathematical Sciences, Universiti Malaysia Pahang Al-Sultan Abdullah, Lebuh Persiaran Tun Khalil Yaakob, 26300 Kuantan, Pahang, Malaysia
  • Nazri Ahmad Zamani, Cyber Threat Intelligence Department, Cybersecurity Malaysia, Menara Cyber Axis, Jalan Impact, 63000 Cyberjaya, Selangor, Malaysia

DOI:

https://doi.org/10.11113/mjfas.v20n6.3822

Keywords:

Cyber threat, common vulnerabilities and exposures, unsupervised and supervised machine learning models, accuracy.

Abstract

Predicting Common Vulnerabilities and Exposures (CVE) is a challenging task due to the increasing complexity of cyberattacks and the vast amount of threat data available. Effective prediction models are crucial for enabling cybersecurity teams to respond quickly and prevent potential exploits. This study aims to provide a comparative analysis of machine learning techniques for CVE prediction in order to enhance proactive vulnerability management and strengthen cybersecurity practices. A supervised machine learning model, Gaussian Naive Bayes, and unsupervised machine learning models based on clustering algorithms, namely K-means and DBSCAN, were employed for the predictive modelling. The models were compared using performance metrics such as accuracy, precision, recall, and F1-score. Among these models, Gaussian Naive Bayes achieved an accuracy rate of 99.79% and outperformed the clustering-based machine learning models in effectively determining the class labels or results of the data it was trained on or tested against. The outcome of this study will provide a proof of concept to Cybersecurity Malaysia, offering insights into the CVE model.

Published

16-12-2024