基于双注意力机制和改进对抗训练的漏洞分类方法

Vulnerability classification method based on double-attention mechanism andadversarial training

漏洞报告在网络安全中发挥着重要作用,大量且不断增加的漏洞对漏洞分类的效率和准确性提出了巨大挑战。为了缓解漏洞分类深度学习模型无法关注重要特征和容易陷入过拟合的问题,提出了一种新颖的基于双注意力机制和改进对抗训练的漏洞分类方法。首先,提出TextCNN-DA(text convolutional neural network with double attention)模型,将空间注意力和通道注意力机制与TextCNN结合,以更好地关注到重要特征。然后,提出SWV-FGM (single word vector-fast gradient method)算法,对模型进行对抗训练,进而提高模型的鲁棒性和泛化性。在漏洞数据集上与其他基线算法进行了对比,并且对不同漏洞类型数据的表现进行了具体分析,该方法在accuracy、macro-F_1等多项指标上都有更良好的表现,能够更好地完成漏洞分类任务。

Vulnerability reports play a pivotal role in cybersecurity,and the ever-growing number of vulnerabilities challenges the efficiency and accuracy of vulnerability classification.To alleviate issues with deep learning models in vulnerability classification,which often fail to focus on significant features and are prone to overfitting,this paper introduced a novel vulnerability classification approach based on a double attention mechanism and improved adversarial training.Firstly,this paper proposed the TextCNN-DA model,which augmented the conventional TextCNN with spatial and channel attention mechanisms to enhance focus on pertinent features.Furthermore,this paper introduced the SWV-FGM algorithm for adversarial training to increase the robustness and generalization of the model.Comparative analysis with other baseline algorithms on a vulnerability dataset,and specific performance evaluation across different vulnerability types,show that the proposed method outperforms in several key metrics such as accuracy and macro-F 1,effectively advancing vulnerability classification tasks.