Emmanouil Gionanidis, P. Karvelis, G. Georgoulas, K. Stamos, Purvi Garg
{"title":"评估文本增强促进漏洞信息自动映射到对手技术","authors":"Emmanouil Gionanidis, P. Karvelis, G. Georgoulas, K. Stamos, Purvi Garg","doi":"10.1109/SecDev53368.2022.00017","DOIUrl":null,"url":null,"abstract":"MITRE ATT&CK is a well known framework which provides knowledge about adversary techniques' lifecycle and the targeted platforms. This knowledge is acquired by manually mapping vulnerability information to adversary techniques. However, the amount of published vulnerabilities makes it tedious and impractical for the expert. To this end, a model is developed to automate this mapping by solving a multi-label text classification problem. That is, to assign multiple adversary techniques, i.e., labels, to a vulnerability text description. In this paper, state-of-the-art models based on neural networks are utilized to solve the mapping problem. A common issue in multi-label classification is the existence of underrepresented classes. Here, text augmentation techniques are leveraged to help the developed models confront this by increasing, explicitly or implicitly, the input information. It is experimentally demonstrated that the proposed models surpass previous state-of-the-art. Additionally, when the proposed text augmentation techniques are used performance is boosted across all metrics providing a more accurate mapping.","PeriodicalId":407946,"journal":{"name":"2022 IEEE Secure Development Conference (SecDev)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Evaluating Text Augmentation for Boosting the Automatic Mapping of Vulnerability Information to Adversary Techniques\",\"authors\":\"Emmanouil Gionanidis, P. Karvelis, G. Georgoulas, K. Stamos, Purvi Garg\",\"doi\":\"10.1109/SecDev53368.2022.00017\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"MITRE ATT&CK is a well known framework which provides knowledge about adversary techniques' lifecycle and the targeted platforms. This knowledge is acquired by manually mapping vulnerability information to adversary techniques. However, the amount of published vulnerabilities makes it tedious and impractical for the expert. To this end, a model is developed to automate this mapping by solving a multi-label text classification problem. That is, to assign multiple adversary techniques, i.e., labels, to a vulnerability text description. In this paper, state-of-the-art models based on neural networks are utilized to solve the mapping problem. A common issue in multi-label classification is the existence of underrepresented classes. Here, text augmentation techniques are leveraged to help the developed models confront this by increasing, explicitly or implicitly, the input information. It is experimentally demonstrated that the proposed models surpass previous state-of-the-art. Additionally, when the proposed text augmentation techniques are used performance is boosted across all metrics providing a more accurate mapping.\",\"PeriodicalId\":407946,\"journal\":{\"name\":\"2022 IEEE Secure Development Conference (SecDev)\",\"volume\":\"23 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE Secure Development Conference (SecDev)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SecDev53368.2022.00017\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Secure Development Conference (SecDev)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SecDev53368.2022.00017","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Evaluating Text Augmentation for Boosting the Automatic Mapping of Vulnerability Information to Adversary Techniques
MITRE ATT&CK is a well known framework which provides knowledge about adversary techniques' lifecycle and the targeted platforms. This knowledge is acquired by manually mapping vulnerability information to adversary techniques. However, the amount of published vulnerabilities makes it tedious and impractical for the expert. To this end, a model is developed to automate this mapping by solving a multi-label text classification problem. That is, to assign multiple adversary techniques, i.e., labels, to a vulnerability text description. In this paper, state-of-the-art models based on neural networks are utilized to solve the mapping problem. A common issue in multi-label classification is the existence of underrepresented classes. Here, text augmentation techniques are leveraged to help the developed models confront this by increasing, explicitly or implicitly, the input information. It is experimentally demonstrated that the proposed models surpass previous state-of-the-art. Additionally, when the proposed text augmentation techniques are used performance is boosted across all metrics providing a more accurate mapping.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
