A Comparison of Vulnerability Feature Extraction Methods from
Textual Attack Patterns

D 2024

A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns

OTHMAN, Refat T A, Bruno ROSSI and Barbara RUSSO

Basic information

Original name

A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns

Authors

OTHMAN, Refat T A (275 Palestine, State of), Bruno ROSSI (380 Italy, guarantor, belonging to the institution) and Barbara RUSSO (380 Italy)

Edition

Not specified, 50th Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA), p. 419-422, 4 pp. 2024

Publisher

IEEE

Other information

Language

English

Type of outcome

Proceedings paper

Field of Study

10200 1.2 Computer and information sciences

Confidentiality degree

is not subject to a state or trade secret

Publication form

electronic version available online

Organization unit

Faculty of Informatics

ISBN

979-8-3503-8026-2

ISSN

DOI

http://dx.doi.org/10.1109/SEAA64295.2024.00070

UT WoS

001413352200060

Keywords in English

Attack Pattern; Cybersecurity; MITRE; Transformer models; Vulnerability

Abstract

V originále

Nowadays, threat reports reported by cybersecurity vendors incorporate detailed descriptions of attacks within unstructured text. Knowing vulnerabilities that are related to these reports helps cybersecurity researchers and practitioners understand and adjust to evolving attacks and develop mitigation plans for them. This paper aims to aid cybersecurity researchers and practitioners in choosing attack extraction methods to enhance the monitoring and sharing of threat intelligence. In this work, we examine five existing extraction methods and find that Term Frequency-Inverse Document Frequency (TFIDF) outperforms the other four methods with a precision of 75% and an F1 score of 64%. We obtain that when we increase the class labels, all methods perform worse regarding F1 score drops. The findings offer valuable insights to the cybersecurity community, and our research can aid cybersecurity researchers in evaluating and comparing the effectiveness of upcoming extraction methods.

Citovat

OTHMAN, Refat T A, Bruno ROSSI and Barbara RUSSO. A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns. Online. In 50th Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA). Not specified: IEEE, 2024, p. 419-422. ISBN 979-8-3503-8026-2. Available from: https://dx.doi.org/10.1109/SEAA64295.2024.00070.

@inproceedings{2421880,
   author = {Othman, Refat T A and Rossi, Bruno and Russo, Barbara},
   address = {Not specified},
   booktitle = {50th Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA)},
   doi = {http://dx.doi.org/10.1109/SEAA64295.2024.00070},
   keywords = {Attack Pattern; Cybersecurity; MITRE; Transformer models; Vulnerability},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {Not specified},
   isbn = {979-8-3503-8026-2},
   pages = {419-422},
   publisher = {IEEE},
   title = {A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns},
   year = {2024}
}

TY  - CONF
ID  - 2421880
AU  - Othman, Refat T A - Rossi, Bruno - Russo, Barbara
PY  - 2024
TI  - A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns
PB  - IEEE
CY  - Not specified
SN  - 9798350380262
KW  - Attack Pattern
KW  - Cybersecurity
KW  - MITRE
KW  - Transformer models
KW  - Vulnerability
N2  - Nowadays, threat reports reported by cybersecurity vendors incorporate detailed descriptions of attacks within unstructured text. Knowing vulnerabilities that are related to these reports helps cybersecurity researchers and practitioners understand and adjust to evolving attacks and develop mitigation plans for them. This paper aims to aid cybersecurity researchers and practitioners in choosing attack extraction methods to enhance the monitoring and sharing of threat intelligence. In this work, we examine five existing extraction methods and find that Term Frequency-Inverse Document Frequency (TFIDF) outperforms the other four methods with a precision of 75% and an F1 score of 64%. We obtain that when we increase the class labels, all methods perform worse regarding F1 score drops. The findings offer valuable insights to the cybersecurity community, and our research can aid cybersecurity researchers in evaluating and comparing the effectiveness of upcoming extraction methods.
ER  -

OTHMAN, Refat T A, Bruno ROSSI and Barbara RUSSO. A Comparison of Vulnerability Feature Extraction Methods from Textual Attack Patterns. Online. In \textit{50th Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA)}. Not specified: IEEE, 2024, p.~419-422. ISBN~979-8-3503-8026-2. Available from: https://dx.doi.org/10.1109/SEAA64295.2024.00070.

Přehled o publikaci