An Improved Light GBM using Bayesian Optimization for Vulnerability Exploitation Prediction

Abstract

Despite the significant advances in software security research, exploitability prediction remains elusive due to the uncertainty of which vulnerability to be prioritized. Though many studies have been done on vulnerability prediction, some problems still persist such as efficient parameter optimization, which has significant effect on the algorithm performance and efficiency. To address these challenges, we proposed an Improved Light Gradient Boosting Machine (LGBM) model using Bayesian Optimization (BO) Method. Three experiments were conducted to compare prediction accuracy and computational cost of time and memory on LGBM, LGBM with Grid Search and LGBM with Bayesian Optimization models. The results demonstrated that our Improved BO- LGBM model has better prediction accuracy and lower computational cost than the comparative models. BO-LIGHT GBM rendered AUC of 83% measuring the model performance, accuracy of 81%, while in terms of time and memory consumption has definitely taken the lead of 0.23 min executional time and 32MiB system memory. Our results suggest promising future applications of our improved BO_ LGBM model for the prediction of vulnerability exploitation, that could be relevant for IT organizations and vendors or any organization that has limited computational resources in its premises if employed.