Linking Common Vulnerabilities and Exposures to the MITRE ATT CK Framework: A Self-Distillation Approach

by   Benjamin Ampel, et al.

Due to the ever-increasing threat of cyber-attacks to critical cyber infrastructure, organizations are focusing on building their cybersecurity knowledge base. A salient list of cybersecurity knowledge is the Common Vulnerabilities and Exposures (CVE) list, which details vulnerabilities found in a wide range of software and hardware. However, these vulnerabilities often do not have a mitigation strategy to prevent an attacker from exploiting them. A well-known cybersecurity risk management framework, MITRE ATT CK, offers mitigation techniques for many malicious tactics. Despite the tremendous benefits that both CVEs and the ATT CK framework can provide for key cybersecurity stakeholders (e.g., analysts, educators, and managers), the two entities are currently separate. We propose a model, named the CVE Transformer (CVET), to label CVEs with one of ten MITRE ATT CK tactics. The CVET model contains a fine-tuning and self-knowledge distillation design applied to the state-of-the-art pre-trained language model RoBERTa. Empirical results on a gold-standard dataset suggest that our proposed novelties can increase model performance in F1-score. The results of this research can allow cybersecurity stakeholders to add preliminary MITRE ATT CK information to their collected CVEs.



There are no comments yet.


page 1


DARKMENTION: A Deployed System to Predict Enterprise-Targeted External Cyberattacks

Recent incidents of data breaches call for organizations to proactively ...

Pre-trained Summarization Distillation

Recent state-of-the-art approaches to summarization utilize large pre-tr...

Plan Interdiction Games

We propose a framework for cyber risk assessment and mitigation which mo...

Perspectives on risk prioritization of data center vulnerabilities using rank aggregation and multi-objective optimization

Nowadays, data has become an invaluable asset to entities and companies,...

Safe Distillation Box

Knowledge distillation (KD) has recently emerged as a powerful strategy ...

Big Fish, Little Fish, Critical Infrastructure: An Analysis of Phineas Fisher and the 'Hacktivist' Threat to Critical Infrastructure

The hacktivist threat actor is listed in many risk decision documents. Y...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.