VASE: A twitter-based vulnerability analysis and score engine

Haipeng Chen, Jing Liu, Rui Liu, Noseong Park, V. S. Subrahmanian

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

When a new vulnerability is discovered, a Common Vulnerability and Exposure (CVE) number is publicly assigned to it. The vulnerability is then analyzed by the US National Institute of Standards and Technology (NIST) whose Common Vulnerability Scoring System (CVSS) evaluates a severity score that ranges from 0 to 10 for the vulnerability. On average, NIST takes 132.7 days for this - but early knowledge of the CVSS score is critical for enterprise security managers to take defensive actions (e.g. patch prioritization). We present VASE (Vulnerability Analysis and Scoring Engine) that uses Twitter discussions about CVEs to predict CVSS scores before the official assessments from NIST. In order to leverage the intrinsic correlations between different vulnerabilities, VASE adopts a graph convolutional network (GCN) model in which nodes correspond to CVEs. In addition, we propose a novel attention-based input embedding method to extract useful latent features for each CVE node. We show on real-world data that VASE obtains a mean absolute error (MAE) of 1.255 for predicting the CVSS score using only three days of Twitter discussion data after the date a vulnerability is first mentioned on Twitter. VASE can provide predictions for the CVSS scores for 37.85% of the CVEs at least one week earlier than the official assessments by NIST.

Original languageEnglish
Title of host publicationProceedings - 19th IEEE International Conference on Data Mining, ICDM 2019
EditorsJianyong Wang, Kyuseok Shim, Xindong Wu
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages976-981
Number of pages6
ISBN (Electronic)9781728146034
DOIs
Publication statusPublished - 2019 Nov
Event19th IEEE International Conference on Data Mining, ICDM 2019 - Beijing, China
Duration: 2019 Nov 82019 Nov 11

Publication series

NameProceedings - IEEE International Conference on Data Mining, ICDM
Volume2019-November
ISSN (Print)1550-4786

Conference

Conference19th IEEE International Conference on Data Mining, ICDM 2019
CountryChina
CityBeijing
Period19/11/819/11/11

All Science Journal Classification (ASJC) codes

  • Engineering(all)

Fingerprint Dive into the research topics of 'VASE: A twitter-based vulnerability analysis and score engine'. Together they form a unique fingerprint.

  • Cite this

    Chen, H., Liu, J., Liu, R., Park, N., & Subrahmanian, V. S. (2019). VASE: A twitter-based vulnerability analysis and score engine. In J. Wang, K. Shim, & X. Wu (Eds.), Proceedings - 19th IEEE International Conference on Data Mining, ICDM 2019 (pp. 976-981). [8970796] (Proceedings - IEEE International Conference on Data Mining, ICDM; Vol. 2019-November). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICDM.2019.00110