0% Complete
English
صفحه اصلی
/
شانزدهمین کنفرانس بین المللی فناوری اطلاعات و دانش
Robustness Gap in NLP Models for Vulnerability Descriptions: Benchmarking and Data Augmentation
نویسندگان :
AmirHossein Majd
1
Mahdi Yousefikia
2
Saghar Ghasemzadeh
3
Amirreza Asari
4
Arya Khoshnavataher
5
Seyedeh Leili Mirtaheri
6
1- University of Calabria
2- دانشگاه خوارزمی
3- دانشگاه خوارزمی
4- دانشگاه خوارزمی
5- دانشگاه خوارزمی
6- University of Calabria
کلمات کلیدی :
Software Vulnerabilities،Natural Language Processing،Robustness Benchmark،Noise Injection،Exploitability Prediction،Data Augmentation،Cybersecurity
چکیده :
Software vulnerability descriptions from CVE/NVD are the primary corpus for analysis, prioritization, and risk management in cybersecurity. Yet natural noise (typos, synonym substitutions, lexical variety) and adversarial perturbations undermine the accuracy and trustworthiness of NLP models. This paper presents, to our knowledge, the first systematic benchmark of NLP robustness on vulnerability descriptions. We train nine diverse architectures—lightweight transformers (MiniLM, MPNet, SBERT), hybrid models (BERT-LSTM, TextRCNN), and classical recurrent networks (BiLSTM, LSTM)—on a balanced dataset of over 56,000 real-world records from NVD and Exploit-DB, and fine-tune them for exploitability prediction. For comprehensive evaluation, we inject three noise families into test sets at levels from 10% to 80%: character-level edits (substitutions/swaps), synonym replacements using WordNet, and composite adversarial attacks generated with TextAttack. Performance declines across all models as noise rises, but vulnerability profiles differ: MiniLM attains the strongest clean-data score (F1 ≈ 0.933) yet is most brittle under character noise, whereas TextRCNN, despite a lower baseline, preserves comparatively higher stability in heavily perturbed conditions. Finally, we test a pragmatic hardening strategy—data augmentation with noisy variants followed by retraining—which consistently narrows robustness gaps across architectures without materially sacrificing clean-data accuracy. The benchmark and code enable reproducible evaluation and future robust modeling in cybersecurity.
لیست مقالات
لیست مقالات بایگانی شده
A Novel Resource Allocation Scheme for Underlaying NOMA-Based Multi-Channel Cognitive D2D Communications
Anahita Akbari - Dr Javad Zeraatkar Moghaddam - Dr Mehrdad Ardebilipour
Smart City Standardized Evaluation :Use Case of Mashhad
Dr ُSeyed Mohammadreza Mirsarraf - Dr Alireza Yari - Dr Navid Zohdi - Ali Motevalizadeh
یادگیری فناورانه و بینالمللیسازی سکوهای پیامرسان: چارچوبی برای بازیگران متأخر
علیرضا کبیری فرد - علی ولی زاده - مهدی مجیدپور
Real-Time EEG-Based Analysis Of Stress-Inducing Stimuli
Mohsen Mahmoudi - Fattaneh Taghiyareh - Yasamin Akhavein - Elnaz Ghorbani
بررسی روشها، مجموعههای داده و معیارهای ارزیابی در حوزهی پرسش از متون درون تصویر
کبری فرشیدی - حسن ختنلو - محرم منصوری زاده - الهام علی قارداش
Low-Power Phase-Based Stochastic MAC for FPGA
Kooroush Manochehri - Amir arsalan Sakhtianchi - Mehrshad Khosraviani
Classification of Personality Traits on Facebook Using Key Phrase Extraction, Language Models and Machine Learning
Faezeh Safari - Abdolah Chalechale
نظرکاوی در سطح مفهوم با استفاده از رویکردی ترکیبی
سیدرضا قادریان خیرآبادی سیدرضا قادریان خیرآبادی -
Distributed Learning Automata-based Algorithm for Finding K-Clique in Complex Social Networks
Mohammad Mehdi Daliri Khomami - Alireza Rezvanian - Ali Mohammad Saghiri - Mohammad Reza Meybodi
Leveraging Retrieval-Augmented Generation for Persian University Knowledge Retrieval
Arshia Hemmat - Mohammad Hassan Heydari - Kianoosh Vadaei - Afsaneh Fatemi
بیشتر
ثمین همایش، سامانه مدیریت کنفرانس ها و جشنواره ها - نگارش 42.5.2