Network vulnerability assessments collect large amounts of data to be further analyzed by security experts. Data mining and, particularly, unsupervised learning can help experts analyze these data and extract several conclusions. This paper presents a contribution to mine data in this security domain. We have implemented an evolutionary multiobjective approach to cluster data of security assessments. Clusters hold groups of tested devices with similar vulnerabilities to detect hidden patterns. Two different metrics have been selected as objectives to guide the discovery process. The results of this contribution are compared with other single-objective clustering approaches to confirm the value of the obtained clustering structures.
Guiomar Corral, A. Garcia-Piquer, Albert Orriols-P