Improving the Accuracy of Vulnerability Report Classification Using Term Frequency-Inverse Gravity Moment
Date
2019-08-26
Publisher
IEEE
Abstract
Software vulnerability analysis is one of the critical issues in the software industry, and vulnerability classification plays a major role in this analysis. A typical vulnerability classification model usually involves a stage of term selection, in which the relevant terms are identified via feature selection. It also involves a stage of term weighting, in which document weights for the selected terms are computed, and a stage for classifier learning. Generally, the term frequency-inverse document frequency (TF-IDF) is the most widely used term-weighting method. However, empirical evidence shows that the TF-IDF is plagued with issues pertaining to its effectiveness. This paper introduces a new approach for vulnerability classification, which is based on term frequency and inverse gravity moment (TF-IGM). The proposed method is validated by empirical experiments using three machine learning algorithms on ten publicly available vulnerability datasets. The result shows that TF-IGM outperforms the benchmark method across the applications studied.
Description
Research Article
Keywords
Software vulnerability, Classification, Text mining, Term weighting, Term-frequency-inverse gravity moment
Citation
P. K. Kudjo, J. Chen, M. Zhou, S. Mensah and R. Huang, "Improving the Accuracy of Vulnerability Report Classification Using Term Frequency-Inverse Gravity Moment," 2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS), Sofia, Bulgaria, 2019, pp. 248-259. doi: 10.1109/QRS.2019.00041