Assessment of Vulnerability Severity using Text Mining

Spanos, Georgios; Angelis, Lefteris; Toloudis, Dimitrios

doi:10.1145/3139367.3139390

Cited by 37 publications

(23 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Besides each output, we also examined the validated results across different types of classifiers (single vs. ensemble models) and NLP representations (n-grams and tf-idf vs. term frequency). Since the NLP representations mostly affect the classifiers, their validated results are grouped by six classifiers in Table V result agrees with the existing work [6], [7]. It seemed that n-grams with n > 1 improved the result.…”

Section: B Rq2: Which Are the Optimal Models For Multi-classification Of Each Vulnerability Characteristic?supporting

confidence: 85%

“…Our multi-class classification problem can be decomposed into multiple binary classification problems. To define the standard evaluation metrics for a binary problem [6], [7], [8], we first describe four possibilities as follows.…”

Section: Evaluation Metricsmentioning

confidence: 99%

“…Our approach also contains the word-only model, but we select the optimal models using our time-based cross-validation to better address the concept drift issue. The vulnerability descriptions were also used to evaluate the vulnerability severity [7], associate the frequent terms with each VC [16], determine the type of each SV using topic modeling [12] and show vulnerability trends [11]. Recently, Zhuobing [8] have applied deep learning to predict vulnerability severity.…”

Section: A Software Vulnerability Analyticsmentioning

confidence: 99%

“…Identification of SVs' characteristics is a critical task for automation. It is asserted that SVs' public repositories, such as the National Vulnerability Database (NVD), can help identify SVs characteristics by analyzing their descriptions using Natural Language Processing (NLP) [6], [7], [8].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Automated Software Vulnerability Assessment with Concept Drift

Sabir

Babar

2019

2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR)

View full text Add to dashboard Cite

Software Engineering researchers are increasingly using Natural Language Processing (NLP) techniques to automate Software Vulnerabilities (SVs) assessment using the descriptions in public repositories. However, the existing NLP-based approaches suffer from concept drift. This problem is caused by a lack of proper treatment of new (out-of-vocabulary) terms for the evaluation of unseen SVs over time. To perform automated SVs assessment with concept drift using SVs' descriptions, we propose a systematic approach that combines both character and word features. The proposed approach is used to predict seven Vulnerability Characteristics (VCs). The optimal model of each VC is selected using our customized time-based crossvalidation method from a list of eight NLP representations and six well-known Machine Learning models. We have used the proposed approach to conduct large-scale experiments on more than 100,000 SVs in the National Vulnerability Database (NVD). The results show that our approach can effectively tackle the concept drift issue of the SVs' descriptions reported from 2000 to 2018 in NVD even without retraining the model. In addition, our approach performs competitively compared to the existing word-only method. We also investigate how to build compact concept-drift-aware models with much fewer features and give some recommendations on the choice of classifiers and NLP representations for SVs assessment.

show abstract

Section: B Rq2: Which Are the Optimal Models For Multi-classification Of Each Vulnerability Characteristic?supporting

confidence: 85%

Section: Evaluation Metricsmentioning

confidence: 99%

Section: A Software Vulnerability Analyticsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Automated Software Vulnerability Assessment with Concept Drift

Sabir

Babar

2019

2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR)

View full text Add to dashboard Cite

show abstract

“…Some researchers think that machine learning and text mining could be used to automate the process of assigning CVSS scores by intelligently interpreting vulnerability descriptions. 48 Other researchers have used data about attacks observed in the wild to build machine learning systems that predict the likelihood of some vulnerabilities actually being exploited. 49 There is some evidence that when these machine learning-based risk assessments are used in conjunction with the CVSS, organizations can achieve similar levels of risk remediation for significantly less effort by prioritizing their remediation efforts on the vulnerabilities that are most likely to be exploited.…”

Section: Prevention Figurementioning

confidence: 99%