Few-Sample Named Entity Recognition for Security Vulnerability Reports by Fine-Tuning Pre-trained Language Models

Yang, Guo-Jiao; Dineen, Shay; Lin, Zhipeng; Liu, Xueqing

doi:10.1007/978-3-030-87839-9_3

Cited by 9 publications

(1 citation statement)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For the first metric, we tune the alignment threshold during testing and report the highest precision when the recall reaches the given value. A higher recall value is more desirable in the security applications (Yang et al, 2021) to recover the identities of vulnerabilities missing identifiers, where the false positives can be excluded through handful manual verification. For F1 evaluation we use the decision threshold that achieves the highest macro F1 during validation.…”

Section: Experimental Settingsmentioning

confidence: 99%

Cybersecurity Entity Alignment via Masked Graph Attention Networks

Qin¹,

Liao²

2022

Preprint

View full text Add to dashboard Cite

Cybersecurity vulnerability information is often recorded by multiple channels, including government vulnerability repositories, individual-maintained vulnerability-gathering platforms, or vulnerability-disclosure email lists and forums. Integrating vulnerability information from different channels enables comprehensive threat assessment and quick deployment to various security mechanisms. Efforts to automatically gather such information, however, are impeded by the limitations of today's entity alignment techniques. In our study, we annotate the first cybersecuritydomain entity alignment dataset and reveal the unique characteristics of security entities. Based on these observations, we propose the first cybersecurity entity alignment model, CEAM, which equips GNN-based entity alignment with two mechanisms: asymmetric masked aggregation and partitioned attention. Experimental results on cybersecuritydomain entity alignment datasets demonstrate that CEAM significantly outperforms state-ofthe-art entity alignment methods.

show abstract

Section: Experimental Settingsmentioning

confidence: 99%

Cybersecurity Entity Alignment via Masked Graph Attention Networks

Qin¹,

Liao²

2022

Preprint

View full text Add to dashboard Cite

show abstract

Sniping at web applications to discover input-handling vulnerabilities

Brandi,

Perrone,

Romano

2024

J Comput Virol Hack Tech

View full text Add to dashboard Cite

Web applications play a crucial role in modern businesses, offering various services and often exposing sensitive data that can be enticing to attackers. As a result, there is a growing interest in finding innovative approaches for discovering vulnerabilities in web applications. In the evolving landscape of web security, the realm of fuzz testing has garnered substantial attention for its effectiveness in identifying vulnerabilities. However, existing literature has often underemphasized the nuances of web-centric fuzzing methodologies. This article presents a comprehensive exploration of fuzzing techniques specifically tailored to web applications, addressing the gap in the current research. Our work presents a holistic perspective on web-centric fuzzing, introduces a modular architecture that improves fuzzing effectiveness, demonstrates the reusability of certain fuzzing steps, and offers an open-source software package for the broader security community. By addressing these key contributions, we aim to facilitate advancements in web application security, empower researchers to explore new fuzzing techniques, and ultimately enhance the overall cybersecurity landscape.

show abstract

P-TIMA: a framework of T witter threat intelligence mining and analysis based on a prompt-learning NER model

You,

Jiang,

Yang

et al. 2024

The Computer Journal

View full text Add to dashboard Cite

Open-source information platforms such as Twitter continuously provide the latest threat intelligence, including new vulnerabilities and in-the-wild exploitations of advanced persistent threat (APT) groups. Automated extraction of threat intelligence from Twitter has become crucial for defenders to access up-to-date threat knowledge. However, existing studies mainly rely on supervised learning methods to extract threat intelligence knowledge, such as entities, which require a large amount of annotated data. This paper presents Threat Intelligence Mining and Analysis based on Prompt Learning (P-TIMA), a framework specifically crafted for extracting and analyzing threat intelligence from Twitter. P-TIMA employs our innovative few-shot entity recognition method, SecEntPrompt (SEP), built on prompt learning, to extract vulnerability intelligence from Twitter. Additionally, P-TIMA analyzes and profiles the overarching vulnerability intelligence obtained from Twitter, along with in-the-wild exploitation intelligence of APT groups. The SEP improves the average entity recognition F1 score by 3.62-4.40 compared with the best-performing comparison model and outperforms the method based on the large language model on recognition performance and inference time. To validate our framework, we apply P-TIMA to extract vulnerability-related threat intelligence from real Twitter data. Through case studies, we then analyze trends in vulnerability threats and the exploitation capabilities of APT groups. In conclusion, our framework provides a more efficient and accurate method for extracting threat intelligence from Twitter, enabling defenders to stay up-to-date with the latest threat trends and helping them improve their defense strategies against cyber attacks.

show abstract

Few-Sample Named Entity Recognition for Security Vulnerability Reports by Fine-Tuning Pre-trained Language Models

Cited by 9 publications

References 26 publications

Cybersecurity Entity Alignment via Masked Graph Attention Networks

Cybersecurity Entity Alignment via Masked Graph Attention Networks

Sniping at web applications to discover input-handling vulnerabilities

P-TIMA: a framework of T witter threat intelligence mining and analysis based on a prompt-learning NER model

Contact Info

Product

Resources

About