利用项频率-反重力矩提高漏洞报告分类的准确性

2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS) Pub Date : 2019-07-01 DOI:10.1109/QRS.2019.00041

P. Kudjo, Jinfu Chen, Minmin Zhou, Solomon Mensah, Rubing Huang

{"title":"利用项频率-反重力矩提高漏洞报告分类的准确性","authors":"P. Kudjo, Jinfu Chen, Minmin Zhou, Solomon Mensah, Rubing Huang","doi":"10.1109/QRS.2019.00041","DOIUrl":null,"url":null,"abstract":"Software vulnerability analysis is one of the critical issues in the software industry, and vulnerability classification plays a major role in this analysis. A typical vulnerability classification model usually involves a stage of term selection, in which the relevant terms are identified via feature selection. It also involves a stage of term weighting, in which document weights for the selected terms are computed, and a stage for classifier learning. Generally, the term frequency-inverse document frequency (TF-IDF) is the most widely used term-weighting method. However, empirical evidence shows that the TF-IDF is plagued with issues pertaining to its effectiveness. This paper introduces a new approach for vulnerability classification, which is based on term frequency and inverse gravity moment (TF-IGM). The proposed method is validated by empirical experiments using three machine learning algorithms on ten publicly available vulnerability datasets. The result shows that TF-IGM outperforms the benchmark method across the applications studied.","PeriodicalId":122665,"journal":{"name":"2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)","volume":"136 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"Improving the Accuracy of Vulnerability Report Classification Using Term Frequency-Inverse Gravity Moment\",\"authors\":\"P. Kudjo, Jinfu Chen, Minmin Zhou, Solomon Mensah, Rubing Huang\",\"doi\":\"10.1109/QRS.2019.00041\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software vulnerability analysis is one of the critical issues in the software industry, and vulnerability classification plays a major role in this analysis. A typical vulnerability classification model usually involves a stage of term selection, in which the relevant terms are identified via feature selection. It also involves a stage of term weighting, in which document weights for the selected terms are computed, and a stage for classifier learning. Generally, the term frequency-inverse document frequency (TF-IDF) is the most widely used term-weighting method. However, empirical evidence shows that the TF-IDF is plagued with issues pertaining to its effectiveness. This paper introduces a new approach for vulnerability classification, which is based on term frequency and inverse gravity moment (TF-IGM). The proposed method is validated by empirical experiments using three machine learning algorithms on ten publicly available vulnerability datasets. The result shows that TF-IGM outperforms the benchmark method across the applications studied.\",\"PeriodicalId\":122665,\"journal\":{\"name\":\"2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)\",\"volume\":\"136 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QRS.2019.00041\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS.2019.00041","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 15

摘要

软件漏洞分析是软件行业的关键问题之一，而漏洞分类在软件漏洞分析中起着重要作用。典型的漏洞分类模型通常包含术语选择阶段，通过特征选择识别相关术语。它还涉及术语加权阶段，其中计算所选术语的文档权重，以及分类器学习阶段。通常，术语频率逆文档频率(TF-IDF)是使用最广泛的术语加权方法。然而，经验证据表明，TF-IDF存在着与有效性有关的问题。提出了一种基于词频和反重力矩(TF-IGM)的漏洞分类新方法。利用三种机器学习算法在10个公开的漏洞数据集上进行了实证实验。结果表明，TF-IGM方法在各种应用中都优于基准方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Improving the Accuracy of Vulnerability Report Classification Using Term Frequency-Inverse Gravity Moment

Software vulnerability analysis is one of the critical issues in the software industry, and vulnerability classification plays a major role in this analysis. A typical vulnerability classification model usually involves a stage of term selection, in which the relevant terms are identified via feature selection. It also involves a stage of term weighting, in which document weights for the selected terms are computed, and a stage for classifier learning. Generally, the term frequency-inverse document frequency (TF-IDF) is the most widely used term-weighting method. However, empirical evidence shows that the TF-IDF is plagued with issues pertaining to its effectiveness. This paper introduces a new approach for vulnerability classification, which is based on term frequency and inverse gravity moment (TF-IGM). The proposed method is validated by empirical experiments using three machine learning algorithms on ten publicly available vulnerability datasets. The result shows that TF-IGM outperforms the benchmark method across the applications studied.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)

自引率

0.00%

发文量