Cook, Bryan; Janamian, Saba; Lim, Teck; Logan, James; Ulloa, Ivan; Altintas, Ilkay; Gupta, Amarnath (2021). Using NLP to Predict the Severity of Cyber Security Vulnerabilities. In Data Science & Engineering Master of Advanced Study (DSE MAS) Capstone Projects. UC San Diego Library Digital Collections. https://doi.org/10.6075/J0TX3F89

Cyber-attacks continue to be one of the world’s foremost safety and economic threats, and, in recent years, have become more numerous and severe. Cybersecurity engineers use industry-standard “Common Vulnerabilities and Exposure” (CVE) records to understand and address known threats. CVE records generally contain “Common Vulnerability Scoring System” (CVSS) scores, which indicate a human-determined level of severity. These scores are important to cybersecurity engineers in threat prioritization. Unfortunately, nearly half of all CVE records have not yet been assigned CVSS v3 scores, a critical component of the overall CVSS score. The VulnerWatch product is introduced as a machine learning solution for predicting CVSS v3 scores. Bidirectional Encoder Representation (BERT) is used on CVE record text descriptions to predict eight metrics that, in aggregate, indicate a CVSS v3 score. VulnerWatch provides the user with a prioritized list of CVE records that do not have human-determined CVSS v3 scores, along with a predicted score. It also allows the engineer to manually enter text describing threats and receive a predicted CVSS v3 score in near real-time. The accuracy of predictions for metrics determining CVSS v3 scores is favorable, averaging close to 0.9, with similar levels of precision and recall. Resultant CVSS v3 score predictions are also favorably accurate (MSE = 1.27, MAE = 0.5, R2= 0.51). At this level of accuracy, VulnerWatch is deemed to be successful in providing a valuable tool in combatting cyber-attacks.

• 2021-01 to 2021-06

• 2021

• Altintas De Callafon, Ilkay
• Gupta, Amarnath

• Cook, Bryan
• Janamian, Saba
• Lim, Teck
• Logan, James
• Ulloa, Ivan

• DSE MAS - 2021 Cohort

• Algorithm: Semi-supervised learning
• Algorithm: Supervised learning
• Algorithm: Unsupervised learning
• Bidirectional Encoder Representation (BERT)
• Capstone projects
• Common Vulnerabilities and Exposure (CVE)
• Cyber attack
• Cybersecurity
• Data Science & Engineering Master of Advanced Study (DSE MAS)
• Natural Language Processing (NLP)
• Task: Anomaly detection
• Task: Classification
• Task: Clustering
• Task: Dimensionality reduction
• Task: Feature extraction
• Task: Ranking
• Task: Regression
• Transfer learning

• data
• text

• English

Doi: https://doi.org/10.6075/J0TX3F89

Source data

• BERT model implementation was derived from: https://www.chrismccormick.ai/
• CVE Data downloaded via REST API from: https://nvd.nist.gov/

Other resource

• Bozorgi, Mehran, et al. “Beyond Heuristics.” Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining - KDD '10, 2010. https://doi.org/10.1145/1835804.1835821
• Elbaz, Clément, et al. “Fighting N-Day Vulnerabilities with Automated CVSS Vector Prediction at Disclosure.” Proceedings of the 15th International Conference on Availability, Reliability and Security, 2020. https://doi.org/10.1145/3407023.3407038
• Khazaei, Atefeh, et al. “An Automatic Method for CVSS Score Prediction Using Vulnerabilities Description.” Journal of Intelligent & Fuzzy Systems, vol. 30, no. 1, 2015, pp. 89–96. https://doi.org/10.3233/ifs-151733

Creative Commons Attribution 4.0 International Public License

• Cook, Bryan; Janamian, Saba; Lim, Teck; Logan, James; Ulloa, Ivan

Under copyright (US)

Use: This work is available from the UC San Diego Library. This digital copy of the work is intended to support research, teaching, and private study.

Constraint(s) on Use: This work is protected by the U.S. Copyright Law (Title 17, U.S.C.). Use of this work beyond that allowed by "fair use" or any license applied to this work requires written permission of the copyright holder(s). Responsibility for obtaining permissions and any use and distribution of this work rests exclusively with the user and not the UC San Diego Library. Inquiries can be made to the UC San Diego Library program having custody of the work.

Research Data Curation Program, UC San Diego, La Jolla, 92093-0175 (https://lib.ucsd.edu/rdcp)

2024-06-28