A selective ensemble model for cognitive cybersecurity analysis
Journal of Network and Computer Applications (IF 8.7), Pub Date: 2021-09-04, DOI: 10.1016/j.jnca.2021.103210
Yuning Jiang, Yacine Atif

Dynamic data-driven vulnerability assessments face massive heterogeneous data contained in, and produced by SOCs (Security Operations Centres). Manual vulnerability assessment practices result in inaccurate data and induce complex analytical reasoning. Contemporary security repositories’ diversity, incompleteness and redundancy contribute to such security concerns. These issues are typical characteristics of public and manufacturer vulnerability reports, which exacerbate direct analysis to root out security deficiencies. Recent advances in machine learning techniques promise novel approaches to overcome these notorious diversity and incompleteness issues across massively increasing vulnerability reports corpora. Yet, these techniques themselves exhibit varying degrees of performance as a result of their diverse methods. We propose a cognitive cybersecurity approach that empowers human cognitive capital along two dimensions. We first resolve conflicting vulnerability reports and preprocess embedded security indicators into reliable data sets. Then, we use these data sets as a base for our proposed ensemble meta-classifier methods that fuse machine learning techniques to improve the predictive accuracy over individual machine learning algorithms. The application and implication of this methodology in the context of vulnerability analysis of computer systems are yet to unfold the full extent of its potential. The proposed cognitive security methodology in this paper is shown to improve performances when addressing the above-mentioned incompleteness and diversity issues across cybersecurity alert repositories. The experimental analysis conducted on actual cybersecurity data sources reveals interesting tradeoffs of our proposed selective ensemble methodology, to infer patterns of computer system vulnerabilities.




Updated: 2021-09-09