小样本语义分析的漏洞实体抽取方法

信息安全研究 ›› 2025, Vol. 11 ›› Issue (3): 265-.

小样本语义分析的漏洞实体抽取方法

丁全1张磊2黄帅3查正朋3陶陶4

1(国网安徽省电力有限公司电力科学研究院合肥230601)
2(中国科学技术大学信息科学技术学院合肥230026)
3(中国科学技术大学先进技术研究院合肥230031)
4(安徽工业大学计算机科学与技术学院安徽马鞍山243032)

出版日期:2025-03-18 发布日期:2025-03-31
通讯作者: 丁全硕士，高级工程师.主要研究方向为网络安全、信息技术监督. 394961975@qq.com
作者简介:丁全硕士，高级工程师.主要研究方向为网络安全、信息技术监督. 394961975@qq.com 张磊博士，副研究员.主要研究方向为计算机视觉、NLP、信息检索、多模态语言模型. leizh23@ustc.edu.cn 黄帅硕士研究生.主要研究方向为NLP、网络安全. misaki@mail.ustc.edu.cn 查正朋硕士，研究员.主要研究方向为网络安全、密码应用. zhazp@ustc.edu.cn 陶陶教授.主要研究方向为网络与数据安全. taotao@ahut.edu.cn

A Method for Extracting Vulnerable Entities in Small Sample Semantic Analysis

Ding Quan1, Zhang Lei2, Huang Shuai3, Zha Zhengpeng3, and Tao Tao4

1(Electric Power Science Research Institute, State Grid Anhui Electric Power Co., Ltd., Hefei 230601)
2(School of Information Science and Technology, University of Science and Technology of China, Hefei 230026)
3(Institute of Advanced Technology, University of Science and Technology of China, Hefei 230031)
4(School of Computer Science and Technology, Anhui University of Technology, Ma’anshan, Anhui 243032)

Online:2025-03-18 Published:2025-03-31

摘要/Abstract

摘要： 目前不同信息安全漏洞库标准各异，漏洞数据侧重点不同，关系相对独立，难以快速全面地获取高价值漏洞信息，需建立统一的漏洞实体标准，因此重点对漏洞数据中的实体抽取技术进行研究.大部分漏洞数据以非结构化中英文混合的自然语言形式呈现，基于规则的方法泛化性不强，基于人工智能的方法占用资源过高且依赖大量标注数据，为解决以上问题，提出一种小样本语义分析的漏洞实体抽取方法.该方法使用BERT(bidirectional encoder representations from transformers)预训练漏洞描述数据得到漏洞领域内的预训练模型，以更好地理解漏洞数据，减少对大量标注数据的依赖，此外，采用增量学习的自监督方式提高标注数据非常有限(1785个标注样本).所提模型抽取了漏洞领域中12类漏洞实体，实验结果表明，所提方法在漏洞实体抽取的效果上优于其他抽取模型，F1值达到0.8643，整体的识别性能较高，实现了对漏洞实体的精确抽取.

关键词: 小样本, 语义分析, 漏洞实体抽取, BERT, CRF

Abstract: At the moment, different information security vulnerability databases have different standards, with different focuses on vulnerability data and relatively independent relationships. It is difficult to quickly and comprehensively obtain highvalue vulnerability information, and a unified vulnerability entity standard needs to be established. Therefore, this paper focuses on vulnerability data in entity extraction technology research. The majority of vulnerability data is provided in unstructured natural language form that combines Chinese and English, rulebased methods lack robust generalization, deeplearningbased methods occupy too many resources and rely on a large amount of annotated data. To address these issues, this paper presents a vulnerability entity extraction method with small sample semantic analysis. The method employs BERT pretrained vulnerability data to generate a pretrained model within the cybersecurity vulnerability domain, allowing for a better understanding of cybersecurity vulnerability data and reducing reliance on lager annotated data. Additionally, a selfsupervised incremental learning approach is applied to improve model performance with very limited annotated data (1785 samples). The model in this paper extracts 12 types of vulnerability entities in the field of cybersecurity, and the experimental results show that the method outperforms other models in the recognition and extraction of cybersecurity vulnerability entities, with an F1 value of 0.8643.

Key words: small sample, semantic analysis, vulnerability entity extraction, BERT, CRF

中图分类号:

TP183

丁全, 张磊, 黄帅, 查正朋, 陶陶, . 小样本语义分析的漏洞实体抽取方法[J]. 信息安全研究, 2025, 11(3): 265-.

参考文献

［1］王颖洁, 张程烨, 白凤波, 等. 中文命名实体识别研究综述［J］. 计算机科学与探索, 2023, 17(2): 324341［2］李冬梅, 罗斯斯, 张小平, 等. 命名实体识别方法研究综述［J］. 计算机科学与探索, 2022, 16(9): 19541968［3］Guo H, Xing Z, Chen S, et al. Key aspects augmentation of vulnerability description based on multiple security databases［C］ Proc of the 45th IEEE Annual Computers, Software, and Applications Conference. Piscataway, NJ: IEEE, 2021: 10201025［4］Hashemi C F, Ray I. Automation of vulnerability information extraction using transformerbased language models［C］ Proc of the 27th European Symp on Research in Computer Security. Berlin: Springer, 2022: 645665［5］Li X, Zhang H, Zhou X H. Chinese clinical named entity recognition with variant neural structures based on BERT methods［J］. Journal of Biomedical Informatics, 2020, 107: 103422103428［6］Jia C, Shi Y, Yang Q, et al. Entity enhanced BERT pretraining for Chinese NER［C］ Proc of the 2020 Conf on Empirical Methods in Natural Language. Stroudsburg, PA: ACL, 2020: 63846396［7］Yang G, Dineen S, Lin Z, et al. Fewsample named entity recognition for security vulnerability reports by finetuning pretrained language models［C］ Proc of the 2021 Deployable Machine Learning for Security Defense. Berlin: Springer, 2021: 5578［8］Peng D L, Wang Y R, Liu C, et al. TLNER: A transfer learning model for Chinese named entity recognition［J］. Information Systems Frontiers, 2020, 22(6): 12911304［9］Sumoto K, Kanakogi K, Washizaki H, et al. Automatic labeling of the elements of a vulnerability report CVE with NLP［C］ Proc of the 23rd Int Conf on Information Reuse and Integration for Data Science. Piscataway, NJ: IEEE, 2022: 164165［10］Wang Y, Sun Y, Ma Z, et al. Named entity recognition in Chinese medical literature using pretraining models［J］. Scientific Programming, 2020, 2020(1): 19［11］Chen S, Pei Y, Ke Z, et al. Lowresource named entity recognition via the pretraining model［J］. Symmetry, 2021, 13(5): 786800［12］Lafferty J, McCallum A, Pereira F C N. Conditional random fields: Probabilistic models for segmenting and labeling sequence data［C］ Proc of the 18th Int Conf on Machine Learning. San Francisco: Morgan Kaufmann, 2001［13］Tai W, Kung H T, Dong X L, et al. exBERT: Extending pretrained models with domainspecific vocabulary under constrained training resources［C］ Proc of the 2020 Meeting of the Association for Computational Linguistics. Stroudsburg, PA: ACL, 2020: 14331439［14］Egger R. Text Representations and Word Embeddings: Vectorizing Textual Data［M］ Applied Data Science in Tourism: Interdisciplinary Approaches, Methodologies, and Applications. Berlin: Springer, 2022: 335361［15］Wang R, Yu T, Zhao H, et al. Fewshot classincremental learning for named entity recognition［C］ Proc of the 60th Annual Meeting of the Association for Computational Linguistics. Stroudsburg, PA: ACL, 2022: 571582［16］Xingyue C, Liping N, Zhiwei N. Extracting financial events with ELECTRA and partofspeech［J］. Data Analysis and Knowledge Discovery, 2021, 5(7): 3647

[1]	陆佳丽, . 基于BertTextCNN的开源威胁情报文本的多标签分类方法[J]. 信息安全研究, 2024, 10(8): 760-.
[2]	陈洪森, 方勇, 郝城凌, 杨运涛, 张棋, . 基于小样本学习的源码漏洞检测[J]. 信息安全研究, 2024, 10(5): 440-.
[3]	罗乐琦, 张艳硕, 王志强, 文津, 薛培阳, . 基于BERT模型的源代码漏洞检测技术研究[J]. 信息安全研究, 2024, 10(4): 294-.
[4]	李娇, 张玉清, 吴亚飚, . 网络安全领域小样本命名实体识别方法[J]. 信息安全研究, 2023, 9(E1): 51-.
[5]	卜天, 张龙, 顾杜娟, 袁军, 章瑞康, 李文瑾, . 用于小样本的网络安全领域信息抽取统一模型[J]. 信息安全研究, 2023, 9(11): 1067-.
[6]	姚锡龙, 崔炳杰, 王瑜, . 应用层加密流量检测解决方案[J]. 信息安全研究, 2022, 8(E1): 35-.
[7]	李洁, 闫乐, 薄钧戈, 吴忠宜, 李成, 蔡维德. 面向信用服务的BPMN智能合约范式研究[J]. 信息安全研究, 2022, 8(5): 475-.
[8]	朱磊董林靖黑新宏王一川彭伟刘雁孝盘隆. 基于中文预训练的安全事件实体识别研究[J]. 信息安全研究, 2021, 7(7): 652-660.
[9]	窦宇宸胡勇. 基于BERT的安全事件命名实体识别研究[J]. 信息安全研究, 2021, 7(3): 242-249.
[10]	刘思琴冯胥睿瑞. 基于BERT的文本情感分析[J]. 信息安全研究, 2020, 6(3): 220-227.
[11]	易楠. 基于语义分析的Webshell检测技术研究[J]. 信息安全研究, 2017, 3(2): 145-150.