IRS: An Issue Resolution System for Cyber Attack Classification and Management

Cyber-attacks have greatly increased over the years, where the attackers have strategically improved in devising attacks toward a specific target. In order to correctly classify cyber-attacks there is a considerable need to neatly organize a representation scheme that is useful in an application setting. The classification of cyber-attacks within knowledge bodies, such as Computer Emergency Readiness Team (CERT) and Common Vulnerabilities and Exposures (CVE), are very useful for organizations gathering data as information is made available. However, there is substantial information to decipher when locating relevant details that are prevalent in local networks. We propose an issue resolution system (IRS) to detect and extract information from external vulnerability repositories and internal log files to assist with classifying and disseminating defenses. In this work we provide a frequent pattern classification algorithm that performs data mining techniques to classify attack vector information from the national vulnerability database (NVD). The results suggest the IRS presents a viable solution to correctly extract vulnerability information within a local knowledge base. Keywords-Security; Security Management, Information Extraction; Algorithm; Taxonomy