Processing of Unstructured Information About Software Vulnerabilities

Processing of Unstructured Information About Software Vulnerabilities

To maintain the information security of a computer system, it is necessary to regularly audit the used system components and their corresponding vulnerabilities. However, accounting for software flaws is a time-consuming task due to the constant emergence of new unstructured information about discov...

Full description

Bibliographic Details
Main Authors: Daniela-Kler Nkodia, Alexander Menshchikov, Dmitriy Tatarov
Format: Article
Language:English
Published: FRUCT 2022-04-01
Series:Proceedings of the XXth Conference of Open Innovations Association FRUCT
Subjects:
cybersecurity
vulnerability
text classification
machine learning
Online Access:https://www.fruct.org/publications/fruct31/files/Nko.pdf
Description
Summary:To maintain the information security of a computer system, it is necessary to regularly audit the used system components and their corresponding vulnerabilities. However, accounting for software flaws is a time-consuming task due to the constant emergence of new unstructured information about discovered vulnerabilities. To increase the speed of analyzing relevant information, the algorithm for processing vulnerability descriptions and the XML-based output data presentation format were proposed. Processing a text description means identifying a name and version of vulnerable software, as well as determining the type of a vulnerability and a level of severity. At the current stage of the research, the achieved classification accuracy is 87%.
ISSN:2305-7254
2343-0737

Similar Items