Author: WÃ¥reus, Emil; Hell, Martin
Title: Automated CPE Labeling of CVE Summaries with Machine Learning Cord-id: 8s6l1xzv Document date: 2020_6_11
ID: 8s6l1xzv
Snippet: Open Source Security and Dependency Vulnerability Management (DVM) has become a more vital part of the software security stack in recent years as modern software tend to be more dependent on open source libraries. The largest open source of vulnerabilities is the National Vulnerability Database (NVD), which supplies developers with machine-readable vulnerabilities. However, sometimes Common Vulnerabilities and Exposures (CVE) have not been labeled with a Common Platform Enumeration (CPE) -versio
Document: Open Source Security and Dependency Vulnerability Management (DVM) has become a more vital part of the software security stack in recent years as modern software tend to be more dependent on open source libraries. The largest open source of vulnerabilities is the National Vulnerability Database (NVD), which supplies developers with machine-readable vulnerabilities. However, sometimes Common Vulnerabilities and Exposures (CVE) have not been labeled with a Common Platform Enumeration (CPE) -version, -product and -vendor. This makes it very hard to automatically discover these vulnerabilities from import statements in dependency files. We, therefore, propose an automatic process of matching CVE summaries with CPEs through the machine learning task called Named Entity Recognition (NER). Our proposed model achieves an F-measure of 0.86 with a precision of 0.857 and a recall of 0.865, outperforming previous research for automated CPE-labeling of CVEs.
Search related documents:
Co phrase search for related documents- accurately predict and activation function: 1
- accurately predict and long short term: 1, 2, 3, 4, 5, 6, 7, 8
- accurately predict and long short term memory: 1, 2, 3, 4, 5, 6, 7, 8
- accurately predict and machine learn: 1
- accurately predict and machine learning: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49
- accurately predict and machine learning model: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
- accurately predict and machine learning support: 1, 2
- activation function and adam optimizer: 1, 2, 3
- activation function and long distance: 1
- activation function and long short term: 1, 2
- activation function and long short term memory: 1, 2
- activation function and machine learning: 1, 2, 3, 4, 5, 6
- activation function and machine learning model: 1
- actual information and long short term: 1, 2
Co phrase search for related documents, hyperlinks ordered by date