Ontology Based Security Threat Assessment and Mitigation for Cloud Systems Page: 84
xii, 155 pagesView a full description of this dissertation.
Extracted Text
The following text was automatically extracted from the image on this page using optical character recognition software:
processing the data to remove noise or outliers and selecting the most significant features
that lead to highly confident predictions. Azure ML Studio offers the necessary tools to
facilitate these pre-processing tasks such as Project Columns and Filter-Based Feature Se-
lection. For the Filter Based Feature Selection module, we used the Pearson correlation
feature scoring method for identifying the most significant features from the data sets. For
our data sets, this process selected 25 metrics. The next step is deciding how many data sets
to use for training the machine learning model, and how many data sets to use for validating
the trained model. In Azure, this is achieved by using the Split module. We chose a 50-50
split for training and validating the model.
We found that regression-based models are well suited for our purpose. We explored
all available Azure ML Studio's [13] machine learning regression models and determined that
a Boosted Decision Tree Regression [61] is the best for our predictions. By following the easy-
to-use predictive framework illustrated in Fig. 4.23, we trained and scored our chosen model
using the generated OpenSSL dataset (from the previous section) targeting the #CVEIDs
feature name (as presented in Section 4.4.3.2). Table 4.2 includes the results obtained from
our model. We present a detailed discussion of our results in Section 4.4.3.6.
Table 4.3 shows a comparison of the number of reported vulnerabilities and the num-
ber of predicted vulnerabilities for some OpenSSL releases used for the training experiment
(these results validate the model using training data sets). The difference between predicted
and known vulnerabilities can be explained in part using the Mean Absolute Error with the
prediction as shown in Table 4.2. In addition, it is not clear that the particular release has all
vulnerabilities reported or if additional vulnerabilities could be detected in the future (if the
release is still used in the public domain). To be on the conservative side we use the Mean
Absolute Error to predict an upper bound on the total number of vulnerabilities contained
in a given software product release.
4.4.3.4. OpenSSL - Predictive Model Validation
In Table 4.4, we present a comparison of the OpenSSL releases used to evaluate and
validate the scored predictive model. These results tell us how well our model is able to84
Upcoming Pages
Here’s what’s next.
Search Inside
This dissertation can be searched. Note: Results may vary based on the legibility of text within the document.
Tools / Downloads
Get a copy of this page or view the extracted text.
Citing and Sharing
Basic information for referencing this web page. We also provide extended guidance on usage rights, references, copying or embedding.
Reference the current page of this Dissertation.
Kamongi, Patrick. Ontology Based Security Threat Assessment and Mitigation for Cloud Systems, dissertation, December 2018; Denton, Texas. (https://digital.library.unt.edu/ark:/67531/metadc1404576/m1/97/: accessed July 17, 2024), University of North Texas Libraries, UNT Digital Library, https://digital.library.unt.edu; .