DeepAI
Log In Sign Up

ThreatZoom: CVE2CWE using Hierarchical Neural Network

09/24/2020
by   Ehsan Aghaei, et al.
0

The Common Vulnerabilities and Exposures (CVE) represent standard means for sharing publicly known information security vulnerabilities. One or more CVEs are grouped into the Common Weakness Enumeration (CWE) classes for the purpose of understanding the software or configuration flaws and potential impacts enabled by these vulnerabilities and identifying means to detect or prevent exploitation. As the CVE-to-CWE classification is mostly performed manually by domain experts, thousands of critical and new CVEs remain unclassified, yet they are unpatchable. This significantly limits the utility of CVEs and slows down proactive threat mitigation. This paper presents the first automatic tool to classify CVEs to CWEs. ThreatZoom uses a novel learning algorithm that employs an adaptive hierarchical neural network which adjusts its weights based on text analytic scores and classification errors. It automatically estimates the CWE classes corresponding to a CVE instance using both statistical and semantic features extracted from the description of a CVE. This tool is rigorously tested by various datasets provided by MITRE and the National Vulnerability Database (NVD). The accuracy of classifying CVE instances to their correct CWE classes are 92 dataset, and 75 the small corpus.

READ FULL TEXT

page 1

page 2

page 3

page 4

02/23/2021

V2W-BERT: A Framework for Effective Hierarchical Multiclass Classification of Software Vulnerabilities

Weaknesses in computer systems such as faults, bugs and errors in the ar...
07/18/2018

SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities

The detection of software vulnerabilities (or vulnerabilities for short)...
06/30/2020

CVE based classification of vulnerable IoT systems

Common Vulnerabilities and Exposures database (CVE) is one of the larges...
06/14/2020

Vulnerability Coverage for Secure Configuration

We present a novel idea on adequacy testing called “vulnerability covera...
10/03/2022

Enriching Vulnerability Reports Through Automated and Augmented Description Summarization

Security incidents and data breaches are increasing rapidly, and only a ...
01/05/2021

Generating Informative CVE Description From ExploitDB Posts by Extractive Summarization

ExploitDB is one of the important public websites, which contributes a l...
10/16/2017

Classifying Web Exploits with Topic Modeling

This short empirical paper investigates how well topic modeling and data...