Donate

Grand Award

Second Place

Sponsored Awards

Spark of Innovative High School
HS-APT16

CyberRiskMAP: Cybersecurity Risk Assessment and Machine-Learning-Assisted Prediction Framework

Applied Technology
Arjun Caputo

Grade:
11
Teacher:
Becky Grant

This research paper introduces CyberRiskMAP, a comprehensive cybersecurity risk assessment framework that leverages machine learning, particularly Large Language Models (LLMs), to predict and mitigate software and hardware vulnerabilities. The framework integrates data from the National Vulnerability Database (NVD) and Common Weaknesses Enumeration (CWE) to provide a holistic approach to cybersecurity risk management. The project aims to enhance existing frameworks by evaluating a user-described vulnerability through Natural Language Processing (NLP), identifying relevant cybersecurity weaknesses and linked vulnerabilities, and incorporating LLMs for effective mitigation strategies of the identified weakness. The methods involve utilizing the "n-gram" language model, implementing a basic ontology, and updating the Ontology-Driven Storytelling Framework (OSF). The project's results are presented through a PyQt5 graphical user interface, illustrating relevancy metrics, CWE distribution, and predicted exploit and impact scores.


Project presentation

View Project Presentation file

Lab journal excerpts

View Lab Journal file

Research paper

View Research Paper file

2 thoughts on “CyberRiskMAP: Cybersecurity Risk Assessment and Machine-Learning-Assisted Prediction Framework

  1. I love how much detail was put into these slides. All of the diagrams worked well to visualize tough to grasp subjects and the snippets of code were helpful to us who can read it. Great job!

  2. This is a rapidly growing problem so I commend your initiative in tackling an innovative way to quantify the attack vectors, in order to help companies predict their vulnerability based on most likely avenue of attack. cyber security needs more people like you!

Leave a comment (comments will be released after judging).

Comments submitted will not be visible until after judging is complete. Comments are public and should be used to congratulate and encourage this young scientist or engineer! Comments should not contain personal identifying information or reveal any awards that the student has won.

Your email address will not be published. Required fields are marked *