Quantum Clustering for Cybersecurity

Walid El Maouaki; Nouhaila Innan; Alberto Marchisio; Taoufik Said; Mohamed Bennai; Muhammad Shafique

doi:10.1109/QCE60285.2024.10243

Quantum Clustering for Cybersecurity

Walid El Maouaki, Nouhaila Innan, Alberto Marchisio, Taoufik Said, Mohamed Bennai, Muhammad Shafique

Electrical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this study, we develop a novel quantum machine learning (QML) framework to analyze cybersecurity vulnerabilities using data from the 2022 CISA Known Exploited Vulnerabilities catalog, which includes detailed information on vulnerability types, severity levels, common vulnerability scoring system (CVSS) scores, and product specifics. Our framework preprocesses this data into a quantum-compatible format, enabling clustering analysis through our advanced quantum techniques, QCSWAPK-means and QkerneIK-means. These quantum algorithms demonstrate superior performance compared to state-of-the-art classical clustering techniques like k-means and spectral clustering, achieving Silhouette scores of 0.491, Davies-Bouldin indices below 0.745, and Calinski-Harabasz scores exceeding 884, indicating more distinct and well-separated clusters. Our frame-work categorizes vulnerabilities into distinct groups, reflecting varying levels of risk severity: Cluster 0, primarily consisting of critical Microsoft-related vulnerabilities; Cluster 1, featuring medium severity vulnerabilities from various enterprise software vendors and network solutions; Cluster 2, with high severity vulnerabilities from Adobe, Cisco, and Google; and Cluster 3, encompassing vulnerabilities from Microsoft and Oracle with high to medium severity. These findings highlight the potential of QML to enhance the precision of vulnerability assessments and prioritization, advancing cybersecurity practices by enabling more strategic and proactive defense mechanisms.

Original language	English (US)
Title of host publication	Workshops Program, Posters Program, Panels Program and Tutorials Program
Editors	Candace Culhane, Greg T. Byrd, Hausi Muller, Yuri Alexeev, Yuri Alexeev, Sarah Sheldon
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	5-10
Number of pages	6
ISBN (Electronic)	9798331541378
DOIs	https://doi.org/10.1109/QCE60285.2024.10243
State	Published - 2024
Event	5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024 - Montreal, Canada Duration: Sep 15 2024 → Sep 20 2024

Publication series

Name	Proceedings - IEEE Quantum Week 2024, QCE 2024
Volume	2

Conference

Conference	5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024
Country/Territory	Canada
City	Montreal
Period	9/15/24 → 9/20/24

Keywords

Cybersecurity
Quantum Clustering
Quantum Machine Learning

ASJC Scopus subject areas

Computational Theory and Mathematics
Computer Networks and Communications
Hardware and Architecture
Signal Processing
Electrical and Electronic Engineering
Safety, Risk, Reliability and Quality
Computational Mathematics
Statistical and Nonlinear Physics

Access to Document

10.1109/QCE60285.2024.10243

Cite this

Maouaki, W. E., Innan, N., Marchisio, A., Said, T., Bennai, M., & Shafique, M. (2024). Quantum Clustering for Cybersecurity. In C. Culhane, G. T. Byrd, H. Muller, Y. Alexeev, Y. Alexeev, & S. Sheldon (Eds.), Workshops Program, Posters Program, Panels Program and Tutorials Program (pp. 5-10). (Proceedings - IEEE Quantum Week 2024, QCE 2024; Vol. 2). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/QCE60285.2024.10243

Quantum Clustering for Cybersecurity. / Maouaki, Walid El; Innan, Nouhaila; Marchisio, Alberto et al.
Workshops Program, Posters Program, Panels Program and Tutorials Program. ed. / Candace Culhane; Greg T. Byrd; Hausi Muller; Yuri Alexeev; Yuri Alexeev; Sarah Sheldon. Institute of Electrical and Electronics Engineers Inc., 2024. p. 5-10 (Proceedings - IEEE Quantum Week 2024, QCE 2024; Vol. 2).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Maouaki, WE, Innan, N, Marchisio, A, Said, T, Bennai, M & Shafique, M 2024, Quantum Clustering for Cybersecurity. in C Culhane, GT Byrd, H Muller, Y Alexeev, Y Alexeev & S Sheldon (eds), Workshops Program, Posters Program, Panels Program and Tutorials Program. Proceedings - IEEE Quantum Week 2024, QCE 2024, vol. 2, Institute of Electrical and Electronics Engineers Inc., pp. 5-10, 5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024, Montreal, Canada, 9/15/24. https://doi.org/10.1109/QCE60285.2024.10243

Maouaki WE, Innan N, Marchisio A, Said T, Bennai M, Shafique M. Quantum Clustering for Cybersecurity. In Culhane C, Byrd GT, Muller H, Alexeev Y, Alexeev Y, Sheldon S, editors, Workshops Program, Posters Program, Panels Program and Tutorials Program. Institute of Electrical and Electronics Engineers Inc. 2024. p. 5-10. (Proceedings - IEEE Quantum Week 2024, QCE 2024). doi: 10.1109/QCE60285.2024.10243

Maouaki, Walid El ; Innan, Nouhaila ; Marchisio, Alberto et al. / Quantum Clustering for Cybersecurity. Workshops Program, Posters Program, Panels Program and Tutorials Program. editor / Candace Culhane ; Greg T. Byrd ; Hausi Muller ; Yuri Alexeev ; Yuri Alexeev ; Sarah Sheldon. Institute of Electrical and Electronics Engineers Inc., 2024. pp. 5-10 (Proceedings - IEEE Quantum Week 2024, QCE 2024).

@inproceedings{21d19a4a0cbe44a6bb068836db9d179f,

title = "Quantum Clustering for Cybersecurity",

abstract = "In this study, we develop a novel quantum machine learning (QML) framework to analyze cybersecurity vulnerabilities using data from the 2022 CISA Known Exploited Vulnerabilities catalog, which includes detailed information on vulnerability types, severity levels, common vulnerability scoring system (CVSS) scores, and product specifics. Our framework preprocesses this data into a quantum-compatible format, enabling clustering analysis through our advanced quantum techniques, QCSWAPK-means and QkerneIK-means. These quantum algorithms demonstrate superior performance compared to state-of-the-art classical clustering techniques like k-means and spectral clustering, achieving Silhouette scores of 0.491, Davies-Bouldin indices below 0.745, and Calinski-Harabasz scores exceeding 884, indicating more distinct and well-separated clusters. Our frame-work categorizes vulnerabilities into distinct groups, reflecting varying levels of risk severity: Cluster 0, primarily consisting of critical Microsoft-related vulnerabilities; Cluster 1, featuring medium severity vulnerabilities from various enterprise software vendors and network solutions; Cluster 2, with high severity vulnerabilities from Adobe, Cisco, and Google; and Cluster 3, encompassing vulnerabilities from Microsoft and Oracle with high to medium severity. These findings highlight the potential of QML to enhance the precision of vulnerability assessments and prioritization, advancing cybersecurity practices by enabling more strategic and proactive defense mechanisms.",

keywords = "Cybersecurity, Quantum Clustering, Quantum Machine Learning",

author = "Maouaki, {Walid El} and Nouhaila Innan and Alberto Marchisio and Taoufik Said and Mohamed Bennai and Muhammad Shafique",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024 ; Conference date: 15-09-2024 Through 20-09-2024",

year = "2024",

doi = "10.1109/QCE60285.2024.10243",

language = "English (US)",

series = "Proceedings - IEEE Quantum Week 2024, QCE 2024",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "5--10",

editor = "Candace Culhane and Byrd, {Greg T.} and Hausi Muller and Yuri Alexeev and Yuri Alexeev and Sarah Sheldon",

booktitle = "Workshops Program, Posters Program, Panels Program and Tutorials Program",

}

TY - GEN

T1 - Quantum Clustering for Cybersecurity

AU - Maouaki, Walid El

AU - Innan, Nouhaila

AU - Marchisio, Alberto

AU - Said, Taoufik

AU - Bennai, Mohamed

AU - Shafique, Muhammad

PY - 2024

Y1 - 2024

N2 - In this study, we develop a novel quantum machine learning (QML) framework to analyze cybersecurity vulnerabilities using data from the 2022 CISA Known Exploited Vulnerabilities catalog, which includes detailed information on vulnerability types, severity levels, common vulnerability scoring system (CVSS) scores, and product specifics. Our framework preprocesses this data into a quantum-compatible format, enabling clustering analysis through our advanced quantum techniques, QCSWAPK-means and QkerneIK-means. These quantum algorithms demonstrate superior performance compared to state-of-the-art classical clustering techniques like k-means and spectral clustering, achieving Silhouette scores of 0.491, Davies-Bouldin indices below 0.745, and Calinski-Harabasz scores exceeding 884, indicating more distinct and well-separated clusters. Our frame-work categorizes vulnerabilities into distinct groups, reflecting varying levels of risk severity: Cluster 0, primarily consisting of critical Microsoft-related vulnerabilities; Cluster 1, featuring medium severity vulnerabilities from various enterprise software vendors and network solutions; Cluster 2, with high severity vulnerabilities from Adobe, Cisco, and Google; and Cluster 3, encompassing vulnerabilities from Microsoft and Oracle with high to medium severity. These findings highlight the potential of QML to enhance the precision of vulnerability assessments and prioritization, advancing cybersecurity practices by enabling more strategic and proactive defense mechanisms.

AB - In this study, we develop a novel quantum machine learning (QML) framework to analyze cybersecurity vulnerabilities using data from the 2022 CISA Known Exploited Vulnerabilities catalog, which includes detailed information on vulnerability types, severity levels, common vulnerability scoring system (CVSS) scores, and product specifics. Our framework preprocesses this data into a quantum-compatible format, enabling clustering analysis through our advanced quantum techniques, QCSWAPK-means and QkerneIK-means. These quantum algorithms demonstrate superior performance compared to state-of-the-art classical clustering techniques like k-means and spectral clustering, achieving Silhouette scores of 0.491, Davies-Bouldin indices below 0.745, and Calinski-Harabasz scores exceeding 884, indicating more distinct and well-separated clusters. Our frame-work categorizes vulnerabilities into distinct groups, reflecting varying levels of risk severity: Cluster 0, primarily consisting of critical Microsoft-related vulnerabilities; Cluster 1, featuring medium severity vulnerabilities from various enterprise software vendors and network solutions; Cluster 2, with high severity vulnerabilities from Adobe, Cisco, and Google; and Cluster 3, encompassing vulnerabilities from Microsoft and Oracle with high to medium severity. These findings highlight the potential of QML to enhance the precision of vulnerability assessments and prioritization, advancing cybersecurity practices by enabling more strategic and proactive defense mechanisms.

KW - Cybersecurity

KW - Quantum Clustering

KW - Quantum Machine Learning

UR - http://www.scopus.com/inward/record.url?scp=85214753543&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85214753543&partnerID=8YFLogxK

U2 - 10.1109/QCE60285.2024.10243

DO - 10.1109/QCE60285.2024.10243

M3 - Conference contribution

AN - SCOPUS:85214753543

T3 - Proceedings - IEEE Quantum Week 2024, QCE 2024

SP - 5

EP - 10

BT - Workshops Program, Posters Program, Panels Program and Tutorials Program

A2 - Culhane, Candace

A2 - Byrd, Greg T.

A2 - Muller, Hausi

A2 - Alexeev, Yuri

A2 - Sheldon, Sarah

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024

Y2 - 15 September 2024 through 20 September 2024

ER -

Quantum Clustering for Cybersecurity

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this