[PDF] jst.go.jp

Character-level convolutional neural network for predicting severity of software vulnerability from vulnerability description

S Nakagawa, T Nagai, H Kanehara… - … on Information and …, 2019 - search.ieice.org
S Nakagawa, T Nagai, H Kanehara, K Furumoto, M Takita, Y Shiraishi, T Takahashi, M Mohri…
IEICE TRANSACTIONS on Information and Systems, 2019search.ieice.org
System administrators and security officials of an organization need to deal with vulnerable
IT assets, especially those with severe vulnerabilities, to minimize the risk of these
vulnerabilities being exploited. The Common Vulnerability Scoring System (CVSS) can be
used as a means to calculate the severity score of vulnerabilities, but it currently requires
human operators to choose input values. A word-level Convolutional Neural Network (CNN)
has been proposed to estimate the input parameters of CVSS and derive the severity score …
System administrators and security officials of an organization need to deal with vulnerable IT assets, especially those with severe vulnerabilities, to minimize the risk of these vulnerabilities being exploited. The Common Vulnerability Scoring System (CVSS) can be used as a means to calculate the severity score of vulnerabilities, but it currently requires human operators to choose input values. A word-level Convolutional Neural Network (CNN) has been proposed to estimate the input parameters of CVSS and derive the severity score of vulnerability notes, but its accuracy needs to be improved further. In this paper, we propose a character-level CNN for estimating the severity scores. Experiments show that the proposed scheme outperforms conventional one in terms of accuracy and how errors occur.
search.ieice.org
Show moreShow less
Save Cite Cited by 16 Related articles All 6 versions
Showing the best result for this search. See all results