- Angelina Shibu 2001CS06
- Sanskriti Singh 2001CS60
- run the below code to load pretrained model and predict on the default testing data
python predictScoreCVSSV3.py -p 'testData' -s True -v TrueFollow the steps to download the dataset and train the model, then predict
- Step 1: Download datasets from NVD feeds.
python updateDB.py- Step 2: Train machine-learning models for different CVSS V3 mechanisms and store them.
python trainScoreCVSSV3.py- Step 3: Using the trained machine-learning models to predict CVSS V3 scores for any vulnerability document.
python predictScoreCVSSV3.py -p 'testData' -s True -v TrueThe purpose here is to be able to automatically assign a severity score to any vulnerability instance with a descriptive report, using the CVSS Version 3 standard. Two examples are shown below, whereby the TestingSamples have labels initially set as (CVSS score = 0) and other values as "l", and the labels of the PredictedSamples are predicted by the trained machine-learning models.
- Machine-learning model: Logistic Regression algorithm is utilised to show the applicability of the proposed approach. Any other machine-learning model can be applied to further improve the model performances.
| CVE_ID | CVSS V3 Score | Attack Vector | Attack Complexity | Privileges Required | User Interaction | Scope | Confidentiality Impact | Integrity Impact | Availability Impact |
|---|---|---|---|---|---|---|---|---|---|
| CVE-2008-0176 | 9.8 | Network | Low | NaN | NaN | Unchanged | High | High | High |
| CVE-2010-4597 | 8.8 | Network | Low | NaN | Required | Unchanged | High | High | High |
| CVE-2011-1562 | 9.8 | Network | Low | NaN | NaN | Unchanged | High | High | High |
| CVE-2011-1563 | 9.8 | Network | Low | NaN | NaN | Unchanged | High | High | High |
- Refer
testDataResult/test_predicted.csvfor the predictions generated.