Text-mining Approach for Estimating Vulnerability Score

被引：0

作者：

Miyamoto, Daisuke ^{[1
]}

Yamamoto, Yasuhiro ^{[2
]}

Nakayama, Masaya ^{[1
]}

机构：

[1] Univ Tokyo, Ctr Informat Technol, Bunkyo Ku, 2-11-16 Yayoi, Tokyo 1138658, Japan

[2] Univ Tokyo, Grad Sch Engn, Bunkyo Ku, Tokyo 1138656, Japan

来源：

2015 4TH INTERNATIONAL WORKSHOP ON BUILDING ANALYSIS DATASETS AND GATHERING EXPERIENCE RETURNS FOR SECURITY (BADGERS) | 2015年

关键词：

D O I：

10.1109/BADGERS.2015.12

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

This paper develops a method that can automatically estimate the security metrics of documents written in natural language. Currently, security metrics play an important role in assessing the impact and risks of cyberthreats. Security metrics also enable operators to recognize emerging cyberthreats and to prioritize operations in order to mitigate such threats. In this paper, we focus on estimating the ratings in the Common Vulnerability Scoring System by inspecting the threats described in the Common Vulnerability and Exposures dictionary. Our approach employs various techniques for processing natural language, and it uses the descriptions in the dictionary to estimate the base metrics. This paper also extends the algorithm to increase the accuracy of the estimate.

引用

页码：67 / 73

页数：7

共 24 条

[1]

[Anonymous], 2007, 1 FORUM INCIDENT RES

[2]

[Anonymous], NAT VULN DAT

[3]

AVTEST, 2013, AD JAV MAK WIND

[4]

Blei D.M., 2007, P 20 INT C NEUR INF, P121, DOI DOI 10.5555/2981562.2981578

[5] Latent Dirichlet allocation [J].

Blei, DM ;

Ng, AY ;

Jordan, MI .

JOURNAL OF MACHINE LEARNING RESEARCH, 2003, 3 (4-5) :993-1022

[6]

Chaput M., STEMMING

[7]

CNA, CVE NUMB AUTH

[8]

DEERWESTER S, 1990, J AM SOC INFORM SCI, V41, P391, DOI 10.1002/(SICI)1097-4571(199009)41:6<391::AID-ASI1>3.0.CO

[9]

2-9

[10]

Etoh H., 2002, Transactions of the Information Processing Society of Japan, V43, P4034

← 1 2 3 →