Automated Mapping of CVE Vulnerability Records to MITRE CWE Weaknesses. (arXiv:2304.11130v1 [cs.CR])

In recent years, a proliferation of cyber-security threats and diversity has
been on the rise culminating in an increase in their reporting and analysis. To
counter that, many non-profit organizations have emerged in this domain, such
as MITRE and OSWAP, which have been actively tracking vulnerabilities, and
publishing defense recommendations in standardized formats. As producing data
in such formats manually is very time-consuming, there have been some proposals
to automate the process. Unfortunately, a major obstacle to adopting supervised
machine …

analysis automated consuming counter cve cwe cyber data defense diversity domain machine machine learning major mapping mitre non non-profit organizations problem process producing profit proliferation proposals publishing recommendations reporting security security threats threats tracking vulnerabilities vulnerability