Title: A hybrid transformer-based BERT and LSTM approach for vulnerability classification problems

Authors: Mounesh Marali; R. Dhanalakshmi; Narendran Rajagopalan

Addresses: Department of CSE, National Institute of Technology Puducherry, Karaikal, Puducherry 609609, India ' Department of CSE, Indian Institute of Information Technology Tiruchirappalli, Tiruchirappalli, 620012, India ' Department of CSE, National Institute of Technology Puducherry, Karaikal, Puducherry 609609, India

Abstract: Industrial control systems (ICSs) are vulnerable to cyberattacks due to the growing corporate network and internet connectivity. Ensuring proper security and response to cyberattacks is critical as they can impact ICS performance, reliability, safety, and availability, leading to catastrophic losses. Cyber threat intelligence (CTI) helps companies avoid cyberattacks by relying on vulnerability databases such as CVEs from national vulnerability databases (NVDs). However, these databases may include flaws that compromise security solutions and hinder attack mitigation. To address this issue, automated categorisation of vulnerability data using deep learning (DL) is proposed. The study found that LSTM-tuned BERT designs outperform standard models in precision, F1 score, accuracy, and recall. Implementing DL vulnerability categorisation can enhance ICS security and decrease the threat environment.

Keywords: vulnerability; classification; LSTM; BERT; cyber threat intelligence.

DOI: 10.1504/IJMOR.2024.140067

International Journal of Mathematics in Operational Research, 2024 Vol.28 No.3, pp.275 - 295

Received: 07 Sep 2022
Accepted: 15 Dec 2022
Published online: 19 Jul 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article