Vulnerability Type Prediction in Common Vulnerabilities and Exposures Database with Ensemble Machine Learning

Vulnerability Type Prediction in Common Vulnerabilities and Exposures Database with Ensemble Machine Learning

연구 분야: Strategies

학회: 2021 International Conference Automatics and Informatics (ICAI)

A typical vulnerability database contains many records and every record has assigned a unique identifier and a description. Common Vulnerabilities and Exposures (CVE) database is one of the most common, free to use, large and reliable vulnerability databases. We provided this research due to the growing number of discovered vulnerabilities, roughly fifteen thousand for every year, which makes the manual classification very difficult. In this paper we prove that ensemble machine learning is an adequate technique for automated vulnerability type classification. We also achieved noticeably better prediction scores compared to basic machine learning methods, using improved training features and ensemble machine learning algorithms.