A hybrid approach combining Bayesian networks and logistic regression for enhancing risk assessment

Abstract This study enhances cybersecurity risk assessment by integrating Bayesian Networks (BN) and Logistic Regression (LR) models, using data from the CISA Known Exploited Vulnerabilities catalog. First, a probabilistic causal model is built as a BN to capture complex interdependencies among vuln...

詳細記述

書誌詳細
出版年:Scientific Reports
主要な著者: Xueyuan Wei, Yingdong Dong
フォーマット: 論文
言語:英語
出版事項: Nature Portfolio 2025-07-01
主題:
オンライン・アクセス:https://doi.org/10.1038/s41598-025-10291-9
_version_ 1849424154384662528
author Xueyuan Wei
Yingdong Dong
author_facet Xueyuan Wei
Yingdong Dong
author_sort Xueyuan Wei
collection DOAJ
container_title Scientific Reports
description Abstract This study enhances cybersecurity risk assessment by integrating Bayesian Networks (BN) and Logistic Regression (LR) models, using data from the CISA Known Exploited Vulnerabilities catalog. First, a probabilistic causal model is built as a BN to capture complex interdependencies among vulnerability characteristics such as CVSS score, exploit complexity, and attack vector. Conditional probabilities of exploitation are calculated, providing a nuanced, evidence-based understanding of each factor’s contribution to risk. Second, these posterior probabilities serve as input features for an LR classifier, combining the BN’s dependency structure with LR’s discriminative power to predict vulnerability risk levels. Parameter estimation employs maximum likelihood methods, supplemented by expert knowledge where data are sparse. When applied to 775 vulnerability records, the BN–LR hybrid achieves an accuracy rate of 97% and a ROC-AUC of 0.1 on the held-out test set, outperforming both standalone BN (accuracy 86.7%, AUC 0.89) and standalone LR (accuracy 88.1%, AUC 0.90). Sensitivity analysis further highlights that CVSS score and exploit complexity carry the greatest influence on risk predictions. By quantifying both causal relationships and classification boundaries, the integrated model not only improves predictive performance but also offers clear insights into which attributes most strongly drive potential exploits. This practical tool thus enables security teams to prioritize remediation efforts effectively, strengthening organizational vulnerability management and overall security posture.
format Article
id doaj-art-c2dd2be78e264fcfbe8eb8268d70a4b7
institution Directory of Open Access Journals
issn 2045-2322
language English
publishDate 2025-07-01
publisher Nature Portfolio
record_format Article
spelling doaj-art-c2dd2be78e264fcfbe8eb8268d70a4b72025-08-20T03:42:25ZengNature PortfolioScientific Reports2045-23222025-07-0115112210.1038/s41598-025-10291-9A hybrid approach combining Bayesian networks and logistic regression for enhancing risk assessmentXueyuan Wei0Yingdong Dong1School of Philosophy and History (Biquan Academy), Xiangtan UniversitySchool of Philosophy and History (Biquan Academy), Xiangtan UniversityAbstract This study enhances cybersecurity risk assessment by integrating Bayesian Networks (BN) and Logistic Regression (LR) models, using data from the CISA Known Exploited Vulnerabilities catalog. First, a probabilistic causal model is built as a BN to capture complex interdependencies among vulnerability characteristics such as CVSS score, exploit complexity, and attack vector. Conditional probabilities of exploitation are calculated, providing a nuanced, evidence-based understanding of each factor’s contribution to risk. Second, these posterior probabilities serve as input features for an LR classifier, combining the BN’s dependency structure with LR’s discriminative power to predict vulnerability risk levels. Parameter estimation employs maximum likelihood methods, supplemented by expert knowledge where data are sparse. When applied to 775 vulnerability records, the BN–LR hybrid achieves an accuracy rate of 97% and a ROC-AUC of 0.1 on the held-out test set, outperforming both standalone BN (accuracy 86.7%, AUC 0.89) and standalone LR (accuracy 88.1%, AUC 0.90). Sensitivity analysis further highlights that CVSS score and exploit complexity carry the greatest influence on risk predictions. By quantifying both causal relationships and classification boundaries, the integrated model not only improves predictive performance but also offers clear insights into which attributes most strongly drive potential exploits. This practical tool thus enables security teams to prioritize remediation efforts effectively, strengthening organizational vulnerability management and overall security posture.https://doi.org/10.1038/s41598-025-10291-9Bayesian networksLogistic regressionRisk assessmentCybersecurityMachine learningData driven
spellingShingle Xueyuan Wei
Yingdong Dong
A hybrid approach combining Bayesian networks and logistic regression for enhancing risk assessment
Bayesian networks
Logistic regression
Risk assessment
Cybersecurity
Machine learning
Data driven
title A hybrid approach combining Bayesian networks and logistic regression for enhancing risk assessment
title_full A hybrid approach combining Bayesian networks and logistic regression for enhancing risk assessment
title_fullStr A hybrid approach combining Bayesian networks and logistic regression for enhancing risk assessment
title_full_unstemmed A hybrid approach combining Bayesian networks and logistic regression for enhancing risk assessment
title_short A hybrid approach combining Bayesian networks and logistic regression for enhancing risk assessment
title_sort hybrid approach combining bayesian networks and logistic regression for enhancing risk assessment
topic Bayesian networks
Logistic regression
Risk assessment
Cybersecurity
Machine learning
Data driven
url https://doi.org/10.1038/s41598-025-10291-9
work_keys_str_mv AT xueyuanwei ahybridapproachcombiningbayesiannetworksandlogisticregressionforenhancingriskassessment
AT yingdongdong ahybridapproachcombiningbayesiannetworksandlogisticregressionforenhancingriskassessment
AT xueyuanwei hybridapproachcombiningbayesiannetworksandlogisticregressionforenhancingriskassessment
AT yingdongdong hybridapproachcombiningbayesiannetworksandlogisticregressionforenhancingriskassessment