An automatic vulnerability classification framework based on BiGRU-TextCNN
INNS DLIA@IJCNN(2023)
摘要
Common Vulnerabilities and Exposures (CVE) records known vulnerabilities and provides standardized descriptions. By utilizing Common Weakness Enumeration (CWE) to classify vulnerabilities, it can provide richer background knowledge and more detailed mitigation measures for the vulnerability. However, due to the negligence on manual classification and the evolution of vulnerabilities, the accuracy of vulnerabilities classification needs urgent improvement. Additionally, the large and ever-increasing number of vulnerabilities poses a huge challenge to the efficiency and accuracy of vulnerabilities manual classification. To address that, we propose a vulnerability classification framework based on BiGRU-TextCNN, which processes, trains, predicts to automatically classify vulnerabilities into weaknesses based on the description of vulnerability. To verify the performance and feasibility of the proposed framework, we first conducting comparison experiments on different text classification models, and then predicting the corresponding weakness with the description of vulnerability utilizing the proposed framework.
更多查看译文
关键词
vulnerability classification,text classification,deep learning,security advisory
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要