Dr. Ross Gore

Dr. Ross Gore

I am Research Associate Professor at Old Dominion University My work focuses on data science and predictive analytics. I am is passionate about extracting useful information from new and diverse data sources to help inform decision making.

Assessing cyber-incidents using machine learning

Published in International Journal of Information and Computer Security, 2018

One of the difficulties in effectively analysing and combating cyber attacks is an inability to identify when, why and how they occur. Victim organisations do not reveal this data for fear of disclosing vulnerabilities and attackers do not reveal themselves for fear of being prosecuted. In this paper, we employ two machine-learning algorithms to identify: 1) if a text-based report is related to a cyber-incident; 2) the topic within the field of cyber-security the incident report addresses. First, we evaluate the effectiveness of our approach using a benchmark set of cyber-incident reports from 2006. Then, we assess the current state of cyber-security by applying our approach to a 2014 set of cyber-incident reports we gathered. Ultimately, our results show that the combination of automatically gathering and organising cyber-security reports in close to real-time yields an assessment technology with actionable results.

Recommended citation: Gore, Ross, Diallo, Saikou Y, Padilla, Jose, Ezell, Barry. (2018). "Assessing cyber-incidents using machine learning." International Journal of Information and Computer Security. 10(4), 341-360.
Download Paper