Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports

Hansong Ren, Xuejun Li*, Liao Lei, Guoliang Ou, Hongyu Sun, Gaofei Wu, Xiao Tian, Jinglu Hu, Yuqing Zhang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

At present, vulnerability database research has mainly focused on whether the disclosed information is accurate. However, the information differences between the various vulnerability databases have received little attention. This article proposes WITTY (softWare versIon inconsisTency measuremenT sYstem) to detect differences in the affected software versions reported by NVD and by vulnerability databases in different languages (eight databases in total, including the English CVE and OpenWall and the Chinese CNNVD and CNVD). WITTY enables large-scale quantitative measurement of information consistency. We introduce named entity recognition (NER) and relation extraction (RE) based on deep learning, with a custom design that enables WITTY to recognize previously unseen software names and versions from sentence structure and context. Evaluation against ground truth shows that the system has high accuracy (95.3% precision, 89.9% recall). We use data from 8 vulnerability databases covering the past 21 years, involving 554,725 vulnerability reports. The results show that inconsistent software versions are prevalent. The average exact match rate of the English vulnerability databases CVE, OpenWall, and other vulnerability databases with CVE is only 22.1%. The average exact match rate of the Chinese CNNVD and CNVD is 49.5%, and the exact match rate of the Russian vulnerability databases is 25.8%.

Original language: English
Title of host publication: Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers
Editors: Chunjie Cao, Yuqing Zhang, Yuan Hong, Ding Wang
Publisher: Springer Science and Business Media Deutschland GmbH
Pages: 78-99
Number of pages: 22
ISBN (Print): 9789811905223
DOIs
Publication status: Published - 2022
Event: 4th International Conference on Frontiers in Cyber Security, FCS 2021 - Haikou, China
Duration: 2021 Dec 17 to 2021 Dec 19

Publication series

Name: Communications in Computer and Information Science
Volume: 1558 CCIS
ISSN (Print): 1865-0929
ISSN (Electronic): 1865-0937

Conference

Conference: 4th International Conference on Frontiers in Cyber Security, FCS 2021
Country/Territory: China
City: Haikou
Period: 21/12/17 to 21/12/19

Keywords

  • Deep learning
  • Natural language processing
  • Security breach
  • Security vulnerability databases

ASJC Scopus subject areas

  • General Computer Science
  • General Mathematics
