A novel transformer-based multi-step approach for predicting common vulnerability severity score

dc.contributor.advisorGhorbani, Ali A.
dc.contributor.advisorIsah, Haruna
dc.contributor.authorBahmanisangesari, Saeid
dc.date.accessioned2024-07-18T16:49:28Z
dc.date.available2024-07-18T16:49:28Z
dc.date.issued2024-06
dc.description.abstractThe timely prediction of Common Vulnerability Severity Scores (CVSS) following the release of Common Vulnerabilities and Exposures (CVE) announcements is crucial for enhancing cybersecurity responsiveness. A delay in acquiring these scores may make it more difficult to prioritize risks effectively, resulting in the misallocation of resources and a delay in mitigating actions. Long exposure to untreated vulnerabilities also raises the possibility of exploitative attacks, which could lead to serious breaches of security that compromise data integrity and harm users and organizations. This thesis develops a multi-step predictive model that leverages DistilBERT, a distilled version of the BERT architecture, and Artificial Neural Networks (ANNs) to predict CVSS scores prior to their official release. Utilizing a dataset from the National Vulnerability Database (NVD), the research examines the effectiveness of incorporating contextual information from CVE source identifiers and the benefits of incremental learning in improving model accuracy. The models achieved better results compared to the top-performing models among other works with an average accuracy of 91.96% in predicting CVSS category scores and an average F1 score of 91.87%. The results demonstrate the model’s capability to predict CVSS scores across multiple categories effectively, thereby potentially reducing the response time to cybersecurity threats.
dc.description.copyright© Saeid Bahmanisangesari, 2024
dc.format.extentxiii, 111
dc.format.mediumelectronic
dc.identifier.urihttps://unbscholar.lib.unb.ca/handle/1882/38052
dc.language.isoen
dc.publisherUniversity of New Brunswick
dc.rightshttp://purl.org/coar/access_right/c_abf2
dc.subject.disciplineComputer Science
dc.titleA novel transformer-based multi-step approach for predicting common vulnerability severity score
dc.typemaster thesis
oaire.license.conditionother
thesis.degree.disciplineComputer Science
thesis.degree.grantorUniversity of New Brunswick
thesis.degree.levelmasters
thesis.degree.nameM.C.S.

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Saeid Bahmanisangesari - Thesis.pdf
Size:
2.46 MB
Format:
Adobe Portable Document Format
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.13 KB
Format:
Item-specific license agreed upon to submission
Description: