Automated Extraction of Vulnerability Information for Home Computer Security [chapter]

Sachini Weerawardhana, Subhojeet Mukherjee, Indrajit Ray, Adele Howe
2015 Lecture Notes in Computer Science  
Online vulnerability databases provide a wealth of information pertaining to vulnerabilities that are present in computer application software, operating systems, and firmware. Extracting useful information from these databases that can subsequently be utilized by applications such as vulnerability scanners and security monitoring tools can be a challenging task. This paper presents two approaches to information extraction from online vulnerability databases: a machine learning based solution
more » ... d a solution that exploits linguistic patterns elucidated by part-of-speech tagging. These two systems are evaluated to compare accuracy in recognizing security concepts in previously unseen vulnerability description texts. We discuss design considerations that should be taken into account in implementing information retrieval systems for security domain.
doi:10.1007/978-3-319-17040-4_24 fatcat:fugaasniarcivd62rp2yjhx6fq