Threat Analysis Using Topic Models in Large-Scale Vulnerability Databases and Security Incident Case Documents

Threat Analysis Using Topic Models in Large-Scale Vulnerability Databases and Security Incident Case Documents

It is crucial to design products bearing security in mind from the initial development stage. Consequently, many threat analysis support tools have been developed. However, it is difficult to determine the inherent threats in various designed documents written in natural language, which is used in t...

Full description

Saved in:
Bibliographic Details
Published in:2021 IEEE International Symposium on Technologies for Homeland Security (HST) pp. 1 - 6
Main Authors: Koyanagi, Hiroki, Takaragi, Kazuo, Wohlgemuth, Sven, Umezawa, Katsuyuki
Format: Conference Proceeding
Language:English
Published: IEEE 08-11-2021
Subjects:
Analytical models
Data models
Natural language processing
Natural languages
Security
Topic model
Vulnerability Information
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:It is crucial to design products bearing security in mind from the initial development stage. Consequently, many threat analysis support tools have been developed. However, it is difficult to determine the inherent threats in various designed documents written in natural language, which is used in the initial development stage. It is not uncommon to find attacks that closely resemble past attacks. In addition, many designs are limited in the number of data they can handle. We propose a method of extracting existing vulnerabilities similar to those used in the attack by collating a large vulnerability database with existing attack cases using Latent Dirichlet Allocation, one of the topic model methods. We apply the proposed method to several cases and verify its effectiveness.
DOI:10.1109/HST53381.2021.9619846