SECURWARE 2020, The Fourteenth International Conference on Emerging Security Information, Systems and Technologies


Automatic Mapping of Vulnerability Information to Adversary Techniques

Authors:
Otgonpurev Mendsaikhan
Hirokazu Hasegawa
Yukiko Yamaguchi
Hajime Shimada

Keywords: Multi-label classification; MITRE ATT&CK; Security Vulnerability

Abstract:
Along with the growth in the usage of software in almost every aspect of human life, the risks associated with software security vulnerabilities also increase. The average number of software vulnerabilities published daily exceeds the human ability to cope with it, hence various threat models to generalize the threat landscape have been developed. The most popular threat model, MITRE ATT&CK, has proved to be a very useful tool for the security analyst to perform cyber threat intelligence, red and blue teaming, and so on. However, for his daily operation, the security analyst has to prioritize his defense by manually mapping the daily published software security vulnerabilities to the adversarial techniques listed in MITRE ATT&CK. In this paper, we propose a method to automatically map software security vulnerabilities to these techniques using a multi-label classification approach. We took the vector representation of the vulnerability description, classified it with various multi-label classification methods, evaluated the results under different measures, and found that the LabelPowerset method with a Multilayer Perceptron as the base classifier performs best in our experiment.

Pages: 53 to 59

Copyright: Copyright (c) IARIA, 2020

Publication date: November 21, 2020

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-821-1

Location: Valencia, Spain

Dates: from November 21, 2020 to November 25, 2020