Automation of Vulnerability Classification from its Description using Machine Learning

Masaki Aota, Hideaki Kanehara, Masaki Kubo, Noboru Murata, Bo Sun, Takeshi Takahashi

研究成果: Conference contribution

抄録

Vulnerability reports play an important role in cybersecurity. Mitigation of software vulnerabilities that can be exploited by attackers depends on disclosure of vulnerabilities. Information on vulnerability types or identifiers facilitates automation of vulnerability management, statistical analysis of vulnerability trends, and secure software development. Labeling of reports with vulnerability identifiers has thus far been per-formed manually and has therefore suffered from human-induced errors and scalability issues due to the shortage of security experts. In this paper, we propose a scheme that automatically classifies each vulnerability description by type using machine learning. We experimentally demonstrated the performance of our proposed scheme compared to other algorithms, analyzed cases of misclassification, and revealed the potential for numerous human errors. We experimentally demonstrated the performance of the proposed scheme in comparison with other algorithms, analyzed cases of misclassification, and revealed the potential for numerous human errors. Furthermore, we tried to correct these errors.

本文言語English
ホスト出版物のタイトル2020 IEEE Symposium on Computers and Communications, ISCC 2020
出版社Institute of Electrical and Electronics Engineers Inc.
ISBN(電子版)9781728180861
DOI
出版ステータスPublished - 2020 7
イベント2020 IEEE Symposium on Computers and Communications, ISCC 2020 - Rennes, France
継続期間: 2020 7 72020 7 10

出版物シリーズ

名前Proceedings - IEEE Symposium on Computers and Communications
2020-July
ISSN(印刷版)1530-1346

Conference

Conference2020 IEEE Symposium on Computers and Communications, ISCC 2020
CountryFrance
CityRennes
Period20/7/720/7/10

ASJC Scopus subject areas

  • Software
  • Signal Processing
  • Mathematics(all)
  • Computer Science Applications
  • Computer Networks and Communications

フィンガープリント 「Automation of Vulnerability Classification from its Description using Machine Learning」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル