Abstract
AbstractThis paper shows an end-to-end Artificial Intelligence (AI) system to estimate the severity level and the various Common Vulnerability Scoring System (CVSS) components from natural language descriptions without reproducing the vulnerability. This natural language processing-based approach can estimate the CVSS from only the Common Vulnerabilities and Exposures description without the need to reproduce the vulnerability environment. We present an Error Grid Analysis for the CVSS base score prediction task. Experiments on CVSS 2.0 and CVSS 3.1 show that state-of-the-art deep learning models can predict the CVSS scoring components with high accuracy. The low-cost Universal Sentence Encoder (large) model outperforms the Generative Pre-trained Transformer-3 (GPT-3) and the Support Vector Machine baseline on the majority of the classification tasks with a lower computation overhead than the GPT-3.KeywordsThreat IntelligenceArtificial IntelligenceCVSSDeep LearningNatural Language Processing
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
