PREDICTIVE MODEL OF CYBER THREATS INTEGRATING CVE MITRE AND WAZUH THROUGH TEMPORAL MACHINE LEARNING

Keywords

CVE MITRE. Wazuh. Temporal Machine Learning. Vulnerability prediction. Cybersecurity.

How to Cite

Marcos Borges Paes, T., & Danilo Mendonça, E. (2025). PREDICTIVE MODEL OF CYBER THREATS INTEGRATING CVE MITRE AND WAZUH THROUGH TEMPORAL MACHINE LEARNING. Journal of Interdisciplinary Debates, 6(04), 146-166. https://doi.org/10.51249/jid.v6i04.2747

Abstract

The increasing complexity and accelerated volume of vulnerabilities recorded by the CVE MITRE reinforce the need for models capable of anticipating trends and supporting strategic decisions in information security. This article proposes a predictive model based on Temporal Machine Learning, integrating historical data from CVE MITRE with operational telemetry from Wazuh, in order to predict the evolution of vulnerability categories, severity levels, and attack vectors. The study expands the architecture already used in practical implementations of the Wazuh dashboard, incorporating advanced time series techniques, such as ARIMA, Prophet, and LSTM, to detect patterns and project future behaviors. The results demonstrate the potential of temporal analysis to reduce response times, optimize risk management, and increase organizational maturity in cybersecurity. The proposed approach represents a significant advance by transforming a traditionally reactive process into a predictive analytical system, integrable into corporate ecosystems for incident monitoring and response.

