Autors: Yosifova, V. K., Tasheva, A. T., Trifonov, R. I.
Title: Predicting Vulnerability Type in Common Vulnerabilities and Exposures (CVE) Database with Machine Learning Classifiers
Keywords: common vulnerabilities and exposure (CVE), cybersecurity , machine learning, classification, vulnerability type

Abstract: Vulnerability type is not part of the standard CVE scheme so the ability to determine it only on the basis of text description would be a very useful for automated vulnerability handling. The growing number of hardware and software vulnerabilities discovered every year makes it more difficult for manual classification of the vulnerabilities types. This justifies the need for automatic machine learning classification. In this study we research the performance of base ML classifier algorithms, such as Linear Support Vector Classification, Naive Bayes, and Random Forest Classifier. To measure the performance of our classifiers, we use precision, recall, and f1-score evaluation metrics. Previous studies have focused on machine learning methods predicting platform vendor and products, vulnerability scoring, software vulnerabilities exploitation. Our study aims to show that machine learning is suitable for automated vulnerability type classification.

References

    Issue

    2021 12th National Conference with International Participation (ELECTRONICA), 2021, Bulgaria, IEEE, ISBN 978-1-6654-4061-5

    Copyright IEEE Xplore

    Вид: публикация в международен форум, публикация в реферирано издание, индексирана в Scopus