ML-based Cybersecurity Risk Assessment based on Selected Business Attributes

State: Assigned to TBD
Published: 2022-04-30

As businesses strengthen their digital dependency, they become more vulnerable to cyber threats. Therefore, besides the need for speed innovation, decision-makers in cybersecurity (e.g., network operator, company owner, or an expert team) have to be able to implement robust cybersecurity mechanisms while managing costs and risks associated with the business. Decision-making is usually defined as the activities involving phases of problem recognition, search for information, the definition of alternatives, and selecting a list of ranked preferences [1]. During the cybersecurity planning, such activities involve (a) identifying cybersecurity risks and associated costs, (b) determining the impacts of cybersecurity in the business or service, (c) understanding the business requirements and budget available for protection. Based on that, it is possible to estimate the overall impacts (e.g., financial loss occasioned by a business disruption) to decide whether and how much to invest in cybersecurity. However, these tasks are not trivial and are still more challenging when considering companies without in-house security expertise or budget (e.g., Small and Medium-sized Companies) [2]. 

This thesis focuses on developing and refining Machine Learning (ML) algorithms to determine the risk of a business being a target of a cyberattack and having economic losses. For that, the algorithm(s) can explore different business attributes (e.g., number of employees, revenue, and sector) in order to estimate the risk based on information that businesses without in-house security expertise have at hand [3. 4]. Thus, the work of this thesis can be, in summary, divided into three main phases: (i) understanding the statistics and behavior of selected cyberattacks, (ii) correlating the behavior of cyberattacks with business information, such as companies with more than X employees and revenue higher than Y tend to be more targeted by the cyberattack Z, and (iii) design and develop an ML model to conduct the risk assessment of a company based on a training dataset built during the thesis.

Note that these phases are just examples of possible flow for the work. However, it can be discussed and decided together with the supervisor during the development of the thesis to determine a feasible and efficient path to achieve better results.


[1] M. Franco, E. Sula, B. Rodrigues, E. Scheid, B. Stiller: ProtectDDoS: A Platform for Trustworthy Offering and Recommendation of Protections; International Conference on Economics of Grids, Clouds, Software and Services (GECON 2020), Izola, Slovenia, September 2020, pp 1–12.

[2] B. Rodrigues, M. F. Franco, G. Paranghi, B. Stiller: SEConomy: A Framework for the Economic Assessment of Cybersecurity; 16th International Conference on the Economics of Grids, Clouds, Systems, and Services (GECON 2019), Springer, Leeds, UK, pp. 1–9.

[3] Erion Sula: SecRiskAI: A Machine Learning-based Tool for Cybersecurity Risk Assessment; Universität Zürich, Communication Systems Group, Department of Informatics, Zürich, Switzerland, August 2021, URL: https://files.ifi.uzh.ch/CSG/staff/franco/extern/theses/MA-E-Sula.pdf.

[4] Erion Sula, Muriel Franco: Machine Learning-based Cybersecurity Risk Management Classification - Source Code, Universität Zürich, Communication Systems Group, Department of Informatics, Zürich, Switzerland, August 2021, URL: https://gitlab.ifi.uzh.ch/franco/ml-risk-smes



20% Design, 70% Implementation, 10% Documentation
Python, Basics of Machine Learning, Basics of Cybersecurity

Supervisors: Muriel Figueredo Franco

back to the main page