Conference paper Open Access

Automatic Part-of-Speech Tagging for Security Vulnerability Descriptions

Yitagesu, Sofonias; Zhang, Xiaowang; Feng, Zhiyong; Li, Xiaohong; Xing, Zhenchang


DCAT Export

<?xml version='1.0' encoding='utf-8'?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:adms="http://www.w3.org/ns/adms#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dct="http://purl.org/dc/terms/" xmlns:dctype="http://purl.org/dc/dcmitype/" xmlns:dcat="http://www.w3.org/ns/dcat#" xmlns:duv="http://www.w3.org/ns/duv#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:frapo="http://purl.org/cerif/frapo/" xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#" xmlns:gsp="http://www.opengis.net/ont/geosparql#" xmlns:locn="http://www.w3.org/ns/locn#" xmlns:org="http://www.w3.org/ns/org#" xmlns:owl="http://www.w3.org/2002/07/owl#" xmlns:prov="http://www.w3.org/ns/prov#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:schema="http://schema.org/" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:vcard="http://www.w3.org/2006/vcard/ns#" xmlns:wdrs="http://www.w3.org/2007/05/powder-s#">
  <rdf:Description rdf:about="https://doi.org/10.5281/zenodo.4632063">
    <dct:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://doi.org/10.5281/zenodo.4632063</dct:identifier>
    <foaf:page rdf:resource="https://doi.org/10.5281/zenodo.4632063"/>
    <dct:creator>
      <rdf:Description>
        <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
        <foaf:name>Yitagesu, Sofonias</foaf:name>
        <foaf:givenName>Sofonias</foaf:givenName>
        <foaf:familyName>Yitagesu</foaf:familyName>
        <org:memberOf>
          <foaf:Organization>
            <foaf:name>Tianjin University, China</foaf:name>
          </foaf:Organization>
        </org:memberOf>
      </rdf:Description>
    </dct:creator>
    <dct:creator>
      <rdf:Description>
        <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
        <foaf:name>Zhang, Xiaowang</foaf:name>
        <foaf:givenName>Xiaowang</foaf:givenName>
        <foaf:familyName>Zhang</foaf:familyName>
        <org:memberOf>
          <foaf:Organization>
            <foaf:name>Tianjin University, China</foaf:name>
          </foaf:Organization>
        </org:memberOf>
      </rdf:Description>
    </dct:creator>
    <dct:creator>
      <rdf:Description>
        <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
        <foaf:name>Feng, Zhiyong</foaf:name>
        <foaf:givenName>Zhiyong</foaf:givenName>
        <foaf:familyName>Feng</foaf:familyName>
        <org:memberOf>
          <foaf:Organization>
            <foaf:name>Tianjin University, China</foaf:name>
          </foaf:Organization>
        </org:memberOf>
      </rdf:Description>
    </dct:creator>
    <dct:creator>
      <rdf:Description>
        <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
        <foaf:name>Li, Xiaohong</foaf:name>
        <foaf:givenName>Xiaohong</foaf:givenName>
        <foaf:familyName>Li</foaf:familyName>
        <org:memberOf>
          <foaf:Organization>
            <foaf:name>Tianjin University, China</foaf:name>
          </foaf:Organization>
        </org:memberOf>
      </rdf:Description>
    </dct:creator>
    <dct:creator>
      <rdf:Description>
        <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/Agent"/>
        <foaf:name>Xing, Zhenchang</foaf:name>
        <foaf:givenName>Zhenchang</foaf:givenName>
        <foaf:familyName>Xing</foaf:familyName>
        <org:memberOf>
          <foaf:Organization>
            <foaf:name>Australian National University, Australia</foaf:name>
          </foaf:Organization>
        </org:memberOf>
      </rdf:Description>
    </dct:creator>
    <dct:title>Automatic Part-of-Speech Tagging for Security Vulnerability Descriptions</dct:title>
    <dct:publisher>
      <foaf:Agent>
        <foaf:name>Zenodo</foaf:name>
      </foaf:Agent>
    </dct:publisher>
    <dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#gYear">2021</dct:issued>
    <dcat:keyword>Fine-Tuning, Part-of-Speech tagging, Unsupervised word embedding, Security vulnerability descriptions</dcat:keyword>
    <dct:issued rdf:datatype="http://www.w3.org/2001/XMLSchema#date">2021-03-23</dct:issued>
    <dct:language rdf:resource="http://publications.europa.eu/resource/authority/language/ENG"/>
    <owl:sameAs rdf:resource="https://zenodo.org/record/4632063"/>
    <adms:identifier>
      <adms:Identifier>
        <skos:notation rdf:datatype="http://www.w3.org/2001/XMLSchema#anyURI">https://zenodo.org/record/4632063</skos:notation>
        <adms:schemeAgency>url</adms:schemeAgency>
      </adms:Identifier>
    </adms:identifier>
    <dct:isVersionOf rdf:resource="https://doi.org/10.5281/zenodo.4632062"/>
    <dct:description>&lt;p&gt;Abstract&amp;mdash;In this paper, we study the problem of part-of-speech (POS) tagging for security vulnerability descriptions (SVD). In&lt;br&gt; contrast to newswire articles, SVD often contains a high-level natural language description of the text composed of mixed&lt;br&gt; language studded with codes, domain-specific jargon, vague language, and abbreviations. Moreover, training data dedicated&lt;br&gt; to security vulnerability research is not widely available. Existing neural network-based POS tagging has often relied on manually&lt;br&gt; annotated training data or applying natural language processing (NLP) techniques, suffering from two significant drawbacks. The&lt;br&gt; former is extremely time-consuming and requires labor-intensive feature engineering and expertise. The latter is inadequate to&lt;br&gt; identify linguistically-informed words specific to the SVD domain. In this paper, we propose an automatic approach to assign POS&lt;br&gt; tags to tokens in SVD. Our approach uses the character-level representation to automatically extract orthographic features and&lt;br&gt; unsupervised word embeddings to capture meaningful syntactic and semantic regularities from SVD. The character level representations are then concatenated with the word embedding as a combined feature, which is then learned and used to predict&lt;br&gt; the POS tagging. To deal with the issue of the poor availability of annotated security vulnerability data, we implement a finetuning approach. Our approach provides public access to a POS annotated corpus of &amp;sim;8M tokens, which serves as a training dataset in this domain. Our evaluation results show a significant improvement in accuracy (17.72%-28.22%) of POS tagging in SVD over the current approaches.&lt;/p&gt;</dct:description>
    <dct:accessRights rdf:resource="http://publications.europa.eu/resource/authority/access-right/PUBLIC"/>
    <dct:accessRights>
      <dct:RightsStatement rdf:about="info:eu-repo/semantics/openAccess">
        <rdfs:label>Open Access</rdfs:label>
      </dct:RightsStatement>
    </dct:accessRights>
    <dct:license rdf:resource="https://creativecommons.org/licenses/by/4.0/legalcode"/>
    <dcat:distribution>
      <dcat:Distribution>
        <dcat:accessURL rdf:resource="https://doi.org/10.5281/zenodo.4632063"/>
        <dcat:byteSize>1377678</dcat:byteSize>
        <dcat:downloadURL rdf:resource="https://zenodo.org/record/4632063/files/Automatic Part-of-Speech Tagging for SVD.pdf"/>
        <dcat:mediaType>application/pdf</dcat:mediaType>
      </dcat:Distribution>
    </dcat:distribution>
  </rdf:Description>
</rdf:RDF>
316
257
views
downloads
All versions This version
Views 316316
Downloads 257257
Data volume 354.1 MB354.1 MB
Unique views 290290
Unique downloads 223223

Share

Cite as