Security Tools’ API Recommendation Using Machine Learning

Zarrin Tasnim Sworna, Anjitha Sreekumar, Chadni Islam, Muhammad Ali Babar

2023

Abstract

Security Operation Center (SOC) teams manually analyze numerous tools’ API documentation to find appropriate APIs to define, update and execute incident response plans for responding to security incidents. Manually identifying security tools’ APIs is time-consuming, which can slow down security incident response. To mitigate the negative effects of this manual process, automated API recommendation support is desired. The state-of-the-art automated security tool API recommendation approach uses a Deep Learning (DL) model. However, DL models are environmentally unfriendly and prohibitively expensive, requiring huge amounts of time and resources (denoted as “Red AI”). Hence, “Green AI”, which considers both efficiency and effectiveness, is encouraged. Given that SOCs’ incident response is hindered by cost, time and resource constraints, we assert that Machine Learning (ML) models are likely to be more suitable for recommending suitable APIs with fewer resources. Hence, we investigate ML models’ applicability for effective and efficient security tools’ API recommendation. We used 7 real-world security tools’ API documentation, 5 ML models, 5 feature representations and 19 augmentation techniques. Compared to the state-of-the-art DL-based approach, our Logistic Regression model with word and character level features reduces 95.91% CPU core hours, 97.65% model size, 291.50% time and achieves 0.38% better accuracy, which provides cost-cutting opportunities for industrial SOC adoption.


Paper Citation


in Harvard Style

Sworna Z., Sreekumar A., Islam C. and Babar M. (2023). Security Tools’ API Recommendation Using Machine Learning. In Proceedings of the 18th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE, ISBN 978-989-758-647-7, SciTePress, pages 27-38. DOI: 10.5220/0011708300003464


in Bibtex Style

@conference{enase23,
author={Zarrin Tasnim Sworna and Anjitha Sreekumar and Chadni Islam and Muhammad Ali Babar},
title={Security Tools’ API Recommendation Using Machine Learning},
booktitle={Proceedings of the 18th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,},
year={2023},
pages={27-38},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011708300003464},
isbn={978-989-758-647-7},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 18th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,
TI - Security Tools’ API Recommendation Using Machine Learning
SN - 978-989-758-647-7
AU - Sworna Z.
AU - Sreekumar A.
AU - Islam C.
AU - Babar M.
PY - 2023
SP - 27
EP - 38
DO - 10.5220/0011708300003464
PB - SciTePress