The increasing amount and complexity of Cyber security attacks in recent years have made text analysis and data mining techniques an important factor in discovering features of such attacks and detecting future security threats. In this paper, we report on the results of a recent case study that involved the analysis of a community data set collected from five small and medium companies in Korea. The data set represents Cyber security incidents and response actions. We investigated in the study the kind of problems concerned with the prediction of response actions to future incidents from features of past incidents. Our analysis is based on text mining methods, such as n-gram and bag-of-words, as well as on machine learning algorithms for the classification of incidents and their response actions. Based on the results of the study, we also suggest an experience-sharing model, which we use to demonstrate how companies may share their trained classifiers without the sharing of their individual data sets in a collaborative environment.

中文翻译：

---

以韩国企业为例的网络安全事件分析与分类

近年来，网络安全攻击的数量和复杂性日益增加，使得文本分析和数据挖掘技术成为发现此类攻击的特征并检测未来安全威胁的重要因素。在本文中，我们报告了近期案例研究的结果，该案例研究涉及对从韩国的五家中小型公司收集的社区数据集的分析。该数据集表示网络安全事件和响应操作。我们在研究中调查了与过去事件的特征有关的对未来事件的响应动作的预测有关的问题类型。我们的分析基于诸如n-gram和单词袋之类的文本挖掘方法，以及针对事件及其响应动作的分类的机器学习算法。根据研究结果，