信息安全研究2025,Vol.11Issue(3):265-274,10.DOI:10.12379/j.issn.2096-1057.2025.03.09
小样本语义分析的漏洞实体抽取方法
A Method for Extracting Vulnerable Entities in Small Sample Semantic Analysis
摘要
Abstract
At the moment,different information security vulnerability databases have different standards,with different focuses on vulnerability data and relatively independent relationships.It is difficult to quickly and comprehensively obtain high-value vulnerability information,and a unified vulnerability entity standard needs to be established.Therefore,this paper focuses on vulnerability data in entity extraction technology research.The majority of vulnerability data is provided in unstructured natural language form that combines Chinese and English,rule-based methods lack robust generalization,deep-learning-based methods occupy too many resources and rely on a large amount of annotated data.To address these issues,this paper presents a vulnerability entity extraction method with small sample semantic analysis.The method employs BERT pre-trained vulnerability data to generate a pre-trained model within the cybersecurity vulnerability domain,allowing for a better understanding of cybersecurity vulnerability data and reducing reliance on lager annotated data.Additionally,a self-supervised incremental learning approach is applied to improve model performance with very limited annotated data(1785 samples).The model in this paper extracts 12 types of vulnerability entities in the field of cybersecurity,and the experimental results show that the method outperforms other models in the recognition and extraction of cybersecurity vulnerability entities,with an F1 value of 0.864 3.关键词
小样本/语义分析/漏洞实体抽取/BERT/CRFKey words
small sample/semantic analysis/vulnerability entity extraction/BERT/CRF分类
计算机与自动化引用本文复制引用
丁全,张磊,黄帅,查正朋,陶陶..小样本语义分析的漏洞实体抽取方法[J].信息安全研究,2025,11(3):265-274,10.基金项目
安徽省高校协同创新项目(GXXT-2023-021) (GXXT-2023-021)
