Vulnerability exploitation time prediction: an integrated framework for dynamic imbalanced learning

Vulnerability exploitation time prediction: an integrated framework for dynamic imbalanced learning

연구 분야: Strategies

학회: World Wide Web

Exploitation time is an essential factor for vulnerability assessment in cybersecurity management. In this work, we propose an integrated consecutive batch learning framework to predict the probable exploitation time of vulnerabilities. To achieve a better performance, we combine features extracted from both vulnerability descriptions and the Common Vulnerability Scoring System in the proposed framework. In particular, we design an Adaptive Sliding Window Weighted Learning (ASWWL) algorithm to tackle the dynamic multiclass imbalance problem existing in many industrial applications including exploitation time prediction. A series of experiments are carried out on a real-world dataset, containing 24,413 exploited vulnerabilities disclosed between 1990 and 2020. Experimental results demonstrate the proposed ASWWL algorithm can significantly enhance the performance of the minority classes without compromising the performance of the majority class. Besides, the proposed framework achieves the most robust and state-of-the-art performance compared with the other five consecutive batch learning algorithms.