{"title":"Text-Mining Approach for Estimating Vulnerability Score","authors":"Yasuhiro Yamamoto, Daisuke Miyamoto, M. Nakayama","doi":"10.1109/BADGERS.2015.018","DOIUrl":null,"url":null,"abstract":"This paper develops a method that can automatically estimate the security metrics of documents written in natural language. Currently, security metrics play an important role in assessing the impact and risks of cyberthreats. Security metrics also enable operators to recognize emerging cyberthreats and to prioritize operations in order to mitigate such threats. In this paper, we focus on estimating the ratings in the Common Vulnerability Scoring System by inspecting the threats described in the Common Vulnerability and Exposures dictionary. Our approach employs various techniques for processing natural language, and it uses the descriptions in the dictionary to estimate the base metrics. This paper also extends the algorithm to increase the accuracy of the estimate.","PeriodicalId":150208,"journal":{"name":"2015 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/BADGERS.2015.018","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 26
Abstract
This paper develops a method that can automatically estimate the security metrics of documents written in natural language. Currently, security metrics play an important role in assessing the impact and risks of cyberthreats. Security metrics also enable operators to recognize emerging cyberthreats and to prioritize operations in order to mitigate such threats. In this paper, we focus on estimating the ratings in the Common Vulnerability Scoring System by inspecting the threats described in the Common Vulnerability and Exposures dictionary. Our approach employs various techniques for processing natural language, and it uses the descriptions in the dictionary to estimate the base metrics. This paper also extends the algorithm to increase the accuracy of the estimate.