Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports

Hansong Ren; Xuejun Li; Liao Lei; Guoliang Ou; Hongyu Sun; Gaofei Wu; Xiao Tian; Jinglu Hu; Yuqing Zhang

doi:10.1007/978-981-19-0523-0_6

Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports

Hansong Ren, Xuejun Li^*, Liao Lei, Guoliang Ou, Hongyu Sun, Gaofei Wu, Xiao Tian, Jinglu Hu, Yuqing Zhang

^*この研究の対応する著者

大学院情報生産システム研究科

研究成果: Conference contribution

抄録

At present, the vulnerability database research has mainly focused on whether the disclosed information is accurate. However, the information differences between the various vulnerability databases have received little attention. This article proposes a WITTY (softWare versIon inconsisTency measuremenT sYstem) to detect the differences between the affected software versions of NVD and different language vulnerability databases (including English CVE, OpenWall, Chinese CNNVD, CNVD, and other eight databases). WITTY can enable Our large-scale quantitative information consistency. We introduce named entity recognition (NER) and relation extraction (RE) based on deep learning. We present custom design into named entity recognition (NER) and relation extraction (RE) based on deep learning, enabling WITTY to recognize previously invisible software names and versions based on sentence structure and context. Ground-truth shows that the system has a high accuracy rate (95.3% accuracy rate, 89.9% recall rate). We use data from 8 vulnerability databases in the past 21 years, involving 554,725 vulnerability reports. The results show that they are inconsistent. The software version is prevalent. The average exact match rate of English vulnerability databases CVE, OpenWall, and other vulnerability databases with cve is only 22.1%. The average exact match rate of Chinese CNNVD and CNVD is 49.5%, and the excat match rate of Russian vulnerability databases is 25.8%.

本文言語	English
ホスト出版物のタイトル	Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers
編集者	Chunjie Cao, Yuqing Zhang, Yuan Hong, Ding Wang
出版社	Springer Science and Business Media Deutschland GmbH
ページ	78-99
ページ数	22
ISBN（印刷版）	9789811905223
DOI	https://doi.org/10.1007/978-981-19-0523-0_6
出版ステータス	Published - 2022
イベント	4th International Conference on Frontiers in Cyber Security, FCS 2021 - Haikou, China 継続期間: 2021 12月 17 → 2021 12月 19

出版物シリーズ

名前	Communications in Computer and Information Science
巻	1558 CCIS
ISSN（印刷版）	1865-0929
ISSN（電子版）	1865-0937

Conference

Conference	4th International Conference on Frontiers in Cyber Security, FCS 2021
国/地域	China
City	Haikou
Period	21/12/17 → 21/12/19

ASJC Scopus subject areas

コンピュータサイエンス（全般）
数学 (全般)

文献へのアクセス

10.1007/978-981-19-0523-0_6

他のファイルとリンク

引用スタイル

Ren, H., Li, X., Lei, L., Ou, G., Sun, H., Wu, G., Tian, X., Hu, J., & Zhang, Y. (2022). Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports. In C. Cao, Y. Zhang, Y. Hong, & D. Wang (Eds.), Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers (pp. 78-99). (Communications in Computer and Information Science; Vol. 1558 CCIS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-19-0523-0_6

Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports. / Ren, Hansong; Li, Xuejun; Lei, Liao その他.
Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers. ed. / Chunjie Cao; Yuqing Zhang; Yuan Hong; Ding Wang. Springer Science and Business Media Deutschland GmbH, 2022. p. 78-99 (Communications in Computer and Information Science; Vol. 1558 CCIS).

研究成果: Conference contribution

Ren, H, Li, X, Lei, L, Ou, G, Sun, H, Wu, G, Tian, X, Hu, J & Zhang, Y 2022, Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports. in C Cao, Y Zhang, Y Hong & D Wang (eds), Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers. Communications in Computer and Information Science, vol. 1558 CCIS, Springer Science and Business Media Deutschland GmbH, pp. 78-99, 4th International Conference on Frontiers in Cyber Security, FCS 2021, Haikou, China, 21/12/17. https://doi.org/10.1007/978-981-19-0523-0_6

Ren H, Li X, Lei L, Ou G, Sun H, Wu G その他. Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports. In Cao C, Zhang Y, Hong Y, Wang D, editors, Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers. Springer Science and Business Media Deutschland GmbH. 2022. p. 78-99. (Communications in Computer and Information Science). doi: 10.1007/978-981-19-0523-0_6

Ren, Hansong ; Li, Xuejun ; Lei, Liao その他. / Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports. Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers. editor / Chunjie Cao ; Yuqing Zhang ; Yuan Hong ; Ding Wang. Springer Science and Business Media Deutschland GmbH, 2022. pp. 78-99 (Communications in Computer and Information Science).

@inproceedings{3103a35cff2b4e548afa2f48ad0eed1a,

title = "Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports",

abstract = "At present, the vulnerability database research has mainly focused on whether the disclosed information is accurate. However, the information differences between the various vulnerability databases have received little attention. This article proposes a WITTY (softWare versIon inconsisTency measuremenT sYstem) to detect the differences between the affected software versions of NVD and different language vulnerability databases (including English CVE, OpenWall, Chinese CNNVD, CNVD, and other eight databases). WITTY can enable Our large-scale quantitative information consistency. We introduce named entity recognition (NER) and relation extraction (RE) based on deep learning. We present custom design into named entity recognition (NER) and relation extraction (RE) based on deep learning, enabling WITTY to recognize previously invisible software names and versions based on sentence structure and context. Ground-truth shows that the system has a high accuracy rate (95.3% accuracy rate, 89.9% recall rate). We use data from 8 vulnerability databases in the past 21 years, involving 554,725 vulnerability reports. The results show that they are inconsistent. The software version is prevalent. The average exact match rate of English vulnerability databases CVE, OpenWall, and other vulnerability databases with cve is only 22.1%. The average exact match rate of Chinese CNNVD and CNVD is 49.5%, and the excat match rate of Russian vulnerability databases is 25.8%.",

keywords = "Deep learning, Natural language processing, Security breach, Security vulnerability databases",

author = "Hansong Ren and Xuejun Li and Liao Lei and Guoliang Ou and Hongyu Sun and Gaofei Wu and Xiao Tian and Jinglu Hu and Yuqing Zhang",

note = "Funding Information: Keywords: Security breach · Natural language processing · Deep learning · Security vulnerability databases This work was supported by the National Key Research and Development Program of China (2018YFB0804701), the Key Research and Development Program of Hainan Province (ZDYF202012), Guangxi Key Laboratory of Cryptography and Information Security (No. GCIS202123). Publisher Copyright: {\textcopyright} 2022, Springer Nature Singapore Pte Ltd.; 4th International Conference on Frontiers in Cyber Security, FCS 2021 ; Conference date: 17-12-2021 Through 19-12-2021",

year = "2022",

doi = "10.1007/978-981-19-0523-0_6",

language = "English",

isbn = "9789811905223",

series = "Communications in Computer and Information Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "78--99",

editor = "Chunjie Cao and Yuqing Zhang and Yuan Hong and Ding Wang",

booktitle = "Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers",

}

TY - GEN

T1 - Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports

AU - Ren, Hansong

AU - Li, Xuejun

AU - Lei, Liao

AU - Ou, Guoliang

AU - Sun, Hongyu

AU - Wu, Gaofei

AU - Tian, Xiao

AU - Hu, Jinglu

AU - Zhang, Yuqing

N1 - Funding Information: Keywords: Security breach · Natural language processing · Deep learning · Security vulnerability databases This work was supported by the National Key Research and Development Program of China (2018YFB0804701), the Key Research and Development Program of Hainan Province (ZDYF202012), Guangxi Key Laboratory of Cryptography and Information Security (No. GCIS202123). Publisher Copyright: © 2022, Springer Nature Singapore Pte Ltd.

PY - 2022

Y1 - 2022

N2 - At present, the vulnerability database research has mainly focused on whether the disclosed information is accurate. However, the information differences between the various vulnerability databases have received little attention. This article proposes a WITTY (softWare versIon inconsisTency measuremenT sYstem) to detect the differences between the affected software versions of NVD and different language vulnerability databases (including English CVE, OpenWall, Chinese CNNVD, CNVD, and other eight databases). WITTY can enable Our large-scale quantitative information consistency. We introduce named entity recognition (NER) and relation extraction (RE) based on deep learning. We present custom design into named entity recognition (NER) and relation extraction (RE) based on deep learning, enabling WITTY to recognize previously invisible software names and versions based on sentence structure and context. Ground-truth shows that the system has a high accuracy rate (95.3% accuracy rate, 89.9% recall rate). We use data from 8 vulnerability databases in the past 21 years, involving 554,725 vulnerability reports. The results show that they are inconsistent. The software version is prevalent. The average exact match rate of English vulnerability databases CVE, OpenWall, and other vulnerability databases with cve is only 22.1%. The average exact match rate of Chinese CNNVD and CNVD is 49.5%, and the excat match rate of Russian vulnerability databases is 25.8%.

AB - At present, the vulnerability database research has mainly focused on whether the disclosed information is accurate. However, the information differences between the various vulnerability databases have received little attention. This article proposes a WITTY (softWare versIon inconsisTency measuremenT sYstem) to detect the differences between the affected software versions of NVD and different language vulnerability databases (including English CVE, OpenWall, Chinese CNNVD, CNVD, and other eight databases). WITTY can enable Our large-scale quantitative information consistency. We introduce named entity recognition (NER) and relation extraction (RE) based on deep learning. We present custom design into named entity recognition (NER) and relation extraction (RE) based on deep learning, enabling WITTY to recognize previously invisible software names and versions based on sentence structure and context. Ground-truth shows that the system has a high accuracy rate (95.3% accuracy rate, 89.9% recall rate). We use data from 8 vulnerability databases in the past 21 years, involving 554,725 vulnerability reports. The results show that they are inconsistent. The software version is prevalent. The average exact match rate of English vulnerability databases CVE, OpenWall, and other vulnerability databases with cve is only 22.1%. The average exact match rate of Chinese CNNVD and CNVD is 49.5%, and the excat match rate of Russian vulnerability databases is 25.8%.

KW - Deep learning

KW - Natural language processing

KW - Security breach

KW - Security vulnerability databases

UR - http://www.scopus.com/inward/record.url?scp=85126207009&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85126207009&partnerID=8YFLogxK

U2 - 10.1007/978-981-19-0523-0_6

DO - 10.1007/978-981-19-0523-0_6

M3 - Conference contribution

AN - SCOPUS:85126207009

SN - 9789811905223

T3 - Communications in Computer and Information Science

SP - 78

EP - 99

BT - Frontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers

A2 - Cao, Chunjie

A2 - Zhang, Yuqing

A2 - Hong, Yuan

A2 - Wang, Ding

PB - Springer Science and Business Media Deutschland GmbH

T2 - 4th International Conference on Frontiers in Cyber Security, FCS 2021

Y2 - 17 December 2021 through 19 December 2021

ER -

Detecting Inconsistent Vulnerable Software Version in Security Vulnerability Reports

抄録

出版物シリーズ

Conference

ASJC Scopus subject areas

文献へのアクセス

他のファイルとリンク

フィンガープリント

引用スタイル