All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Cybersecurity Defenses: Exploration of CVE Types through Attack Descriptions

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F24%3A00136512" target="_blank" >RIV/00216224:14330/24:00136512 - isvavai.cz</a>

  • Result on the web

    <a href="http://dx.doi.org/10.1109/SEAA64295.2024.00069" target="_blank" >http://dx.doi.org/10.1109/SEAA64295.2024.00069</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1109/SEAA64295.2024.00069" target="_blank" >10.1109/SEAA64295.2024.00069</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Cybersecurity Defenses: Exploration of CVE Types through Attack Descriptions

  • Original language description

    Vulnerabilities in software security can remain undiscovered even after being exploited. Linking attacks to vulnerabilities helps experts identify and respond promptly to the incident. This paper introduces VULDAT, a classification tool using a sentence transformer MPNET to identify system vulnerabilities from attack descriptions. Our model was applied to 100 attack techniques from the ATT&amp;CK repository and 685 issues from the CVE repository. Then, we compare the performance of VULDAT against the other eight state-of-the-art classifiers based on sentence transformers. Our findings indicate that our model achieves the best performance with F1 score of 0.85, Precision of 0.86, and Recall of 0.83. Furthermore, we found 56% of CVE reports vulnerabilities associated with an attack were identified by VULDAT, and 61% of identified vulnerabilities were in the CVE repository.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

  • Continuities

    S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2024

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    50th Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA)

  • ISBN

    9798350380262

  • ISSN

    2640-592X

  • e-ISSN

  • Number of pages

    4

  • Pages from-to

    415-418

  • Publisher name

    IEEE

  • Place of publication

    Not specified

  • Event location

    Paris, France

  • Event date

    Jan 1, 2024

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    001413352200059

Similar results(10)

CoinWatch: A Clone-Based Approach for Detecting Vulnerabilities in CryptocurrenciesGraph-Based CPE Matching for Identification of Vulnerable Asset ConfigurationsBreaking DPA-protected Kyber via the pair-pointwise multiplication