CPE-Identifier: Automated CPE Identification and CVE Summaries Annotation with Deep Learning and NLP

Wanyu Hu, Vrizlynn Thing

2024

Abstract

With the drastic increase in the number of new vulnerabilities in the National Vulnerability Database (NVD) every year, the workload for NVD analysts to associate the Common Platform Enumeration (CPE) with the Common Vulnerabilities and Exposures (CVE) summaries becomes increasingly laborious and slow. The delay causes organisations, which depend on NVD for vulnerability management and security measurement, to be more vulnerable to zero-day attacks. Thus, it is essential to come out with a technique and tool to extract the CPEs in the CVE summaries accurately and quickly. In this work, we propose the CPE-Identifier system, an automated CPE annotating and extracting system, from the CVE summaries. The system can be used as a tool to identify CPE entities from new CVE text inputs. Moreover, we also automate the data generating and labeling processes using deep learning models. Due to the complexity of the CVE texts, new technical terminologies appear frequently. To identify novel words in future CVE texts, we apply Natural Language Processing (NLP) Named Entity Recognition (NER), to identify new technical jargons in the text. Our proposed model achieves an F1 score of 95.48%, an accuracy score of 99.13%, a precision of 94.83%, and a recall of 96.14%. We show that it outperforms prior works on automated CVE-CPE labeling by more than 9% on all metrics.

Download


Paper Citation


in Harvard Style

Hu W. and Thing V. (2024). CPE-Identifier: Automated CPE Identification and CVE Summaries Annotation with Deep Learning and NLP. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-683-5, SciTePress, pages 67-78. DOI: 10.5220/0012403500003648


in Bibtex Style

@conference{icissp24,
author={Wanyu Hu and Vrizlynn Thing},
title={CPE-Identifier: Automated CPE Identification and CVE Summaries Annotation with Deep Learning and NLP},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2024},
pages={67-78},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012403500003648},
isbn={978-989-758-683-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - CPE-Identifier: Automated CPE Identification and CVE Summaries Annotation with Deep Learning and NLP
SN - 978-989-758-683-5
AU - Hu W.
AU - Thing V.
PY - 2024
SP - 67
EP - 78
DO - 10.5220/0012403500003648
PB - SciTePress