Towards Vulnerability Types Classification Using Pure Self-Attention: A Common Weakness Enumeration Based Approach

Tianyi Wang, Shengzhi Qin, Kam-pui Chow
{"title":"Towards Vulnerability Types Classification Using Pure Self-Attention: A Common Weakness Enumeration Based Approach","authors":"Tianyi Wang, Shengzhi Qin, Kam-pui Chow","doi":"10.1109/CSE53436.2021.00030","DOIUrl":null,"url":null,"abstract":"The wake of increasing malicious cyberattack cases has aroused people’s attention on cybersecurity and vulnerabilities. Common Vulnerabilities and Exposures (CVE), a famous cybersecurity vulnerability database, is often referenced as a standard in cybersecurity territory for both research and commercial purposes. In the past decade, the development of Common Weakness Enumeration (CWE) has provided useful vulnerability taxonomy on CVE entities. However, the generation process of CWE categories is totally by manual working, which has made cybersecurity professionals suffer from the unpredictable timing waiting for the up to date information to be published. In this study, a new CWE based vulnerability types classification method is introduced with the adoption of the CVE dataset. Our method adopts transformer encoder-decoder architecture and uses pure self-attention mechanism without any convolutions and recurrences. We first encode the CVE input entries to learn representative features and then decode them to perform vulnerability types classification regarding the CWE standards. Fine-tuned deep pre-trained Bidirectional Encoder Representation from Transformers (BERT) is utilized in experiment and performs automatic vulnerability types classification tasks on unlabeled CVE candidates and assigns CWE IDs. The proposed vulnerability types classification method outperforms all classical Natural Language Processing (NLP) baseline algorithms, conducting a high accuracy of 90.74% on the testing dataset. In addition, the well-trained vulnerability types classification model is believed to achieve considerable correctness at industry level when applied to the real-life cyber threat intelligence related articles and reports.","PeriodicalId":6838,"journal":{"name":"2021 IEEE 24th International Conference on Computational Science and Engineering (CSE)","volume":"8 1","pages":"146-153"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 24th International Conference on Computational Science and Engineering (CSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSE53436.2021.00030","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 6

Abstract

The wake of increasing malicious cyberattack cases has aroused people’s attention on cybersecurity and vulnerabilities. Common Vulnerabilities and Exposures (CVE), a famous cybersecurity vulnerability database, is often referenced as a standard in cybersecurity territory for both research and commercial purposes. In the past decade, the development of Common Weakness Enumeration (CWE) has provided useful vulnerability taxonomy on CVE entities. However, the generation process of CWE categories is totally by manual working, which has made cybersecurity professionals suffer from the unpredictable timing waiting for the up to date information to be published. In this study, a new CWE based vulnerability types classification method is introduced with the adoption of the CVE dataset. Our method adopts transformer encoder-decoder architecture and uses pure self-attention mechanism without any convolutions and recurrences. We first encode the CVE input entries to learn representative features and then decode them to perform vulnerability types classification regarding the CWE standards. Fine-tuned deep pre-trained Bidirectional Encoder Representation from Transformers (BERT) is utilized in experiment and performs automatic vulnerability types classification tasks on unlabeled CVE candidates and assigns CWE IDs. The proposed vulnerability types classification method outperforms all classical Natural Language Processing (NLP) baseline algorithms, conducting a high accuracy of 90.74% on the testing dataset. In addition, the well-trained vulnerability types classification model is believed to achieve considerable correctness at industry level when applied to the real-life cyber threat intelligence related articles and reports.
基于纯自关注的漏洞类型分类:一种常见的基于弱点枚举的方法
随着恶意网络攻击案件的不断增多,引起了人们对网络安全和漏洞的关注。Common Vulnerabilities and Exposures (CVE)是一个著名的网络安全漏洞数据库,在网络安全研究和商业领域经常被引用为标准。在过去的十年中,公共弱点枚举(CWE)的发展为CVE实体提供了有用的漏洞分类。然而,CWE类别的生成过程完全是手工操作的,这使得网络安全专业人员面临着等待最新信息发布的不可预测的时间。本研究采用CVE数据集,引入了一种新的基于CWE的漏洞类型分类方法。该方法采用变压器式编解码器结构,采用纯自关注机制,不需要任何卷积和递归。我们首先对CVE输入条目进行编码,学习具有代表性的特征,然后对其进行解码,根据CWE标准进行漏洞类型分类。实验中使用了微调深度预训练双向编码器表示(BERT),对未标记的CVE候选对象进行漏洞类型自动分类任务并分配CWE id。提出的漏洞类型分类方法优于所有经典的自然语言处理(NLP)基线算法,在测试数据集上的准确率高达90.74%。此外,训练有素的漏洞类型分类模型在应用于现实生活中的网络威胁情报相关文章和报告时,在行业层面上具有相当的正确性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信