Enhanced SVM-based model for predicting cyberspace vulnerabilities: Analyzing the role of user group dynamics and capital influx

Amid substantial capital influx and the rapid evolution of online user groups, the increasing complexity of user behavior poses significant challenges to cybersecurity, particularly in the domain of vulnerability prediction. This study aims to enhance the accuracy and practical applicability of cyberspace vulnerability prediction. By incorporating the dynamics of user behavioral changes and the logic of platform scaling driven by investment, two representative cybersecurity datasets are selected for analysis: the Canadian Institute for Cybersecurity Intrusion Detection System 2017 and the Network-Based Intrusion Detection Evaluation Dataset 2015. A standardized data preprocessing pipeline is constructed, including redundancy elimination, feature selection, and sample balancing, to ensure data representativeness and compatibility. To address the limited adaptability of traditional support vector machine (SVM) models in identifying nonlinear attacks, this study introduces a distribution-driven, dynamically adaptive kernel optimization approach. This method adjusts kernel parameters or switches kernel functions in real time according to the statistical characteristics of input data, thereby improving the model’s generalization capability and responsiveness in complex attack scenarios. Performance evaluations are conducted on both datasets using cross-validation. The results show that, compared to traditional models, the improved SVM achieves an 11.2% increase in prediction accuracy. Furthermore, the model demonstrates a 22.2% improvement in computational efficiency, measured as the ratio of prediction count to processing time. It also exhibits lower false positive rates and greater stability in detecting common cyberattacks such as distributed denial of service, phishing, and malware. In addition, this study analyzes user behavioral variations under different levels of attack pressure based on network access activity. Findings indicate that during periods of high platform load, attack frequency is positively correlated with users’ defensive behavior, confirming a potential causal sequence of “capital influx—user expansion—increased attack exposure.” This study offers a practical modeling framework and empirical foundation for improving predictive performance and enhancing users’ sense of cybersecurity.