Improving the Accuracy of Vulnerability Report Classification Using Term Frequency-Inverse Gravity Moment

Patrick Kwaku Kudjo, Jinfu Chen, Minmin Zhou, Solomon Mensah, Rubing Huang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

17 Citations (Scopus)

Abstract

Software vulnerability analysis is one of the critical issues in the software industry, and vulnerability classification plays a major role in this analysis. A typical vulnerability classification model usually involves a stage of term selection, in which the relevant terms are identified via feature selection. It also involves a stage of term weighting, in which document weights for the selected terms are computed, and a stage for classifier learning. Generally, the term frequency-inverse document frequency (TF-IDF) is the most widely used term-weighting method. However, empirical evidence shows that the TF-IDF is plagued with issues pertaining to its effectiveness. This paper introduces a new approach for vulnerability classification, which is based on term frequency and inverse gravity moment (TF-IGM). The proposed method is validated by empirical experiments using three machine learning algorithms on ten publicly available vulnerability datasets. The result shows that TF-IGM outperforms the benchmark method across the applications studied.

Original language: English
Title of host publication: Proceedings - 19th IEEE International Conference on Software Quality, Reliability and Security, QRS 2019
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 248-259
Number of pages: 12
ISBN (Electronic): 9781728139272
Publication status: Published - Jul 2019
Event: 19th IEEE International Conference on Software Quality, Reliability and Security, QRS 2019 - Sofia
Duration: 22 Jul 2019 to 26 Jul 2019

Publication series

Name: Proceedings - 19th IEEE International Conference on Software Quality, Reliability and Security, QRS 2019

Conference

Conference: 19th IEEE International Conference on Software Quality, Reliability and Security, QRS 2019
Country/Territory: Bulgaria
City: Sofia
Period: 22/07/19 to 26/07/19

Keywords

  • Software vulnerability, Classification, Term weighting, Text Mining
