|Autors: Yosifova, V. K., Tasheva, A. T., Trifonov, R. I.|
Title: Predicting Vulnerability Type in Common Vulnerabilities and Exposures (CVE) Database with Machine Learning Classifiers
Keywords: common vulnerabilities and exposure (CVE), cybersecurity , machine learning, classification, vulnerability type
Abstract: Vulnerability type is not part of the standard CVE scheme so the ability to determine it only on the basis of text description would be a very useful for automated vulnerability handling. The growing number of hardware and software vulnerabilities discovered every year makes it more difficult for manual classification of the vulnerabilities types. This justifies the need for automatic machine learning classification. In this study we research the performance of base ML classifier algorithms, such as Linear Support Vector Classification, Naive Bayes, and Random Forest Classifier. To measure the performance of our classifiers, we use precision, recall, and f1-score evaluation metrics. Previous studies have focused on machine learning methods predicting platform vendor and products, vulnerability scoring, software vulnerabilities exploitation. Our study aims to show that machine learning is suitable for automated vulnerability type classification.
Copyright IEEE Xplore
Вид: публикация в международен форум, публикация в реферирано издание, индексирана в Scopus