Abstract:
Cyberattacks occur every second around the world, and many attacks use the same patterns to exploit systems. Most of these patterns remain effective as a result of inadequate awareness or lack of information security culture among cyber users. Thwarting these attack techniques, therefore, becomes a cause for concerns, and consequently, this work focuses on the development of an Intelligent Incidence Reporting System (IIRS) for reporting online attacks. A Model-View-Controller (MVC) system architecture was adopted. Model represents the state of the system where domain data is encapsulated. The user interface (UI) is contained in the View while the system logic is handled by the Controller. The Stanford Natural Language Processing (NLP) API is included in the controller to facilitate real-time online processing of reported details with focus on language detection, sentiment analysis, and named entity recognition. Wu and Palmer's algorithm was adopted to handle the semantic similarity of extracted entities, and this forms the basis on which each reported incidence is classified. The proposed system was implemented in ASP.Net Core with C# being the programming language of choice. The system was tested on a local server and evaluated by twenty students from the affiliated department, and each reported incidence was categorized appropriately as either phishing, ransomware, cyberwarfare or other most suited attack technique. Other attributes which include the ease of use of the system, consistency and stability were also evaluated, and the system received an average rating of 94% with respect to these parameters. In particular, the system was rated 95% over its contribution to cybersecurity awareness raising, as considered by our respondents.
KEYWORDS:
Cyberspace, cyberattack, incident reporting, semantic similarity, natural language processing, information security culture, vulnerabilities.
