Abstract

Common Vulnerabilities and Exposures (CVE) records known vulnerabilities and provides standardized descriptions. By utilizing Common Weakness Enumeration (CWE) to classify vulnerabilities, it can provide richer background knowledge and more detailed mitigation measures for the vulnerability. However, due to the negligence on manual classification and the evolution of vulnerabilities, the accuracy of vulnerabilities classification needs urgent improvement. Additionally, the large and ever-increasing number of vulnerabilities poses a huge challenge to the efficiency and accuracy of vulnerabilities manual classification. To address that, we propose a vulnerability classification framework based on BiGRU-TextCNN, which processes, trains, predicts to automatically classify vulnerabilities into weaknesses based on the description of vulnerability. To verify the performance and feasibility of the proposed framework, we first conducting comparison experiments on different text classification models, and then predicting the corresponding weakness with the description of vulnerability utilizing the proposed framework.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Efficient Clustering of Software Vulnerabilities using Self Organizing Map (SOM)
Khyati Panchal ... John Miller
-
Khyati Panchal, et. al.Khyati Panchal ... John Miller
14 Nov 2022
Towards Vulnerability Types Classification Using Pure Self-Attention: A Common Weakness Enumeration Based Approach
Tianyi Wang ... Shengzhi Qin
-
Tianyi Wang, et. al.Tianyi Wang ... Shengzhi Qin
01 Oct 2021
ThreatZoom: Hierarchical Neural Network for CVEs to CWEs Classification
Ehsan Aghaei ... Ehab Al-Shaer
-
Ehsan Aghaei, et. al.Ehsan Aghaei ... Ehab Al-Shaer
01 Jan 2020
Classification of Microsoft Office Vulnerabilities: A Step Ahead for Secure Software Development
Supriya Raheja ... Geetika Munjal
-
Supriya Raheja, et. al.Supriya Raheja ... Geetika Munjal
22 Jul 2020
View more papers

More From: Procedia Computer Science

Paper Title
Journal
Date
Author
Navigating the Digital Landscape of Diabetes Care: Current State of the Art and Future Directions
Helena Gonçalves ... António Godinho
Procedia Computer Science | VOL. 237
Helena Gonçalves, et. al.Helena Gonçalves ... António Godinho
31 May 2024
Sustainable Social Business: Contribution of Social Innovation and Civil Society
Thayane De Souza Amaral ... Sérgio Ricardo Da Silveira Barros
Procedia Computer Science | VOL. 237
Thayane De Souza Amaral, et. al.Thayane De Souza Amaral ... Sérgio Ricardo Da Silveira Barros
31 May 2024
New haptic systems for elicit emotions in audio-visual events for hearing impaired people.
Garcia-Lopez Alvaro ... Cerdán Víctor
Procedia Computer Science | VOL. 237
Garcia-Lopez Alvaro, et. al.Garcia-Lopez Alvaro ... Cerdán Víctor
31 May 2024
Characterization and Performance Evaluation of ESP32 for Real-time Synchronized Sensor Networks
M.J Espinosa-Gavira ... Juan José González De-La-Rosa
Procedia Computer Science | VOL. 237
M.J Espinosa-Gavira, et. al.M.J Espinosa-Gavira ... Juan José González De-La-Rosa
31 May 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.