University of Twente Student Theses

CWE-ASSIST: A framework for automating CWE classification

Oostveen, R. (2024) CWE-ASSIST: A framework for automating CWE classification.

This is the latest version of this item.

Abstract: In this paper, we propose a new method to re-classify weaknesses in vulnerabilities with more labels. We do so through a classification model that generates an abundance of relevant weakness labels; in our experiments, this abundance of labels already creates a significant F1-score improvement, though with lower precision. We then use these generated labels as suggestions for experts to review, generating a new set of expert-curated labels. These curated labels then become new dataset labels and are used for retraining our classification model thresholds. Our experiments demonstrate that utilizing even small datasets of expert evaluations can lead to a significant precision improvement while maintaining a similar F1-score compared to the abundance of labels.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)
Link to this item: https://purl.utwente.nl/essays/104547