Tracing CAPEC attack patterns from CVE vulnerability information using natural language processing technique

Kenta Kanakogi, Hironori Washizaki, Yoshiaki Fukazawa, Shinpei Ogata, Takao Okubo, Takehisa Kato, Hideyuki Kanuka, Atsuo Hazeyama, Nobukazu Yoshioka

研究成果: Conference contribution

2 被引用数 (Scopus)

抄録

To effectively respond to vulnerabilities, information must not only be collected efficiently and quickly but also the vulnerability and the attack techniques must be understood. A security knowledge repository can collect such information. The Common Vulnerabilities and Exposures (CVE) provides known vulnerabilities of products, while the Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit known weaknesses. Because the information in these two repositories is not directly related, identifying the related CAPEC attack information from the CVE vulnerability information is challenging. One proposed method traces some related CAPEC-ID from CVE-ID through Common Weakness Enumeration (CWE). However, it is not applicable to all patterns. Here, we propose a method to automatically trace the related CAPEC-IDs from CVE-ID using TF-IDF and Doc2Vec. Additionally, we experimentally confirm that TF-IDF is more accurate than Doc2vec.

本文言語English
ホスト出版物のタイトルProceedings of the 54th Annual Hawaii International Conference on System Sciences, HICSS 2021
編集者Tung X. Bui
出版社IEEE Computer Society
ページ6996-7004
ページ数9
ISBN(電子版)9780998133140
出版ステータスPublished - 2021
イベント54th Annual Hawaii International Conference on System Sciences, HICSS 2021 - Virtual, Online
継続期間: 2021 1 42021 1 8

出版物シリーズ

名前Proceedings of the Annual Hawaii International Conference on System Sciences
2020-January
ISSN(印刷版)1530-1605

Conference

Conference54th Annual Hawaii International Conference on System Sciences, HICSS 2021
CityVirtual, Online
Period21/1/421/1/8

ASJC Scopus subject areas

  • 工学(全般)

引用スタイル