A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns

OTHMAN, Refat T A, Bruno ROSSI a Barbara RUSSO. A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns. In 50th Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA). IEEE, 2024.

Základní údaje

Originální název

A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns

Autoři

OTHMAN, Refat T A, Bruno ROSSI a Barbara RUSSO

Vydání

50th Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA), 2024

Nakladatel

IEEE

---

Další údaje

Jazyk

angličtina

Typ výsledku

Stať ve sborníku

Obor

10200 1.2 Computer and information sciences

Utajení

není předmětem státního či obchodního tajemství

Příznaky

Mezinárodní význam, Recenzováno

---

Anotace

V originále

Nowadays, threat reports reported by cybersecurity vendors incorporate detailed descriptions of attacks within unstructured text. Knowing vulnerabilities that are related to these reports helps cybersecurity researchers and practitioners understand and adjust to evolving attacks and develop mitigation plans for them. This paper aims to aid cybersecurity researchers and practitioners in choosing attack extraction methods to enhance the monitoring and sharing of threat intelligence. In this work, we examine five existing extraction methods and find that Term Frequency-Inverse Document Frequency (TFIDF) outperforms the other four methods with a precision of 75% and an F1 score of 64%. We obtain that when we increase the class labels, all methods perform worse regarding F1 score drops. The findings offer valuable insights to the cybersecurity community, and our research can aid cybersecurity researchers in evaluating and comparing the effectiveness of upcoming extraction methods.