Skip to content

Cyber security incidents analysis and classification in a case study of Korean enterprises

Research output: Contribution to journalArticle

The increasing amount and complexity of Cyber security attacks in recent years have made text analysis and data mining techniques an important factor in discovering features of such attacks and detecting future security threats. In this paper, we report on the results of a recent case study that involved the analysis of a community dataset collected from five small and medium companies in Korea. The dataset represents Cyber security incidents and response actions. We investigated in the study the kind of problems concerned with the prediction of response actions to future incidents from features of past incidents. Our analysis is based on text mining methods, such as n-gram and bag-of-words, as well as on machine learning algorithms for the classification of incidents and their response actions. Based on the results of the study, we also suggest an experience-sharing model, which we use to demonstrate how companies may share their trained classifiers without the sharing of their individual datasets in a collaborative environment.
Original languageEnglish
Pages (from-to)2917–2935
Number of pages19
JournalKnowledge and Information Systems
Volume62
Issue number7
Early online date27 Mar 2020
DOIs
Publication statusPublished - 23 Jun 2020

Documents

Related information

Relations Get citation (various referencing formats)

ID: 18930789