Multi-Class vs. Multi-Label BERT for CVE-to-CWE Mapping: How Taxonomy Structure Shapes the Errors
ArXiv cs.LG ·
01 / At a Glance
This research compares multi-class versus multi-label BERT approaches for mapping CVEs (Common Vulnerabilities and Exposures) to CWEs (Common Weakness Enumerations), revealing how different taxonomy structures affect classification error patterns. The findings highlight that taxonomy design choices significantly impact model performance in security vulnerability categorization, with implications for how organizations structure and automate security metadata management.
02 / Full Analysis
This research compares multi-class versus multi-label BERT approaches for mapping CVEs (Common Vulnerabilities and Exposures) to CWEs (Common Weakness Enumerations), revealing how different taxonomy structures affect classification error patterns. The findings highlight that taxonomy design choices significantly impact model performance in security vulnerability categorization, with implications for how organizations structure and automate security metadata management. For enterprises relying on vulnerability management systems, understanding these modeling trade-offs can improve the accuracy of automated security assessments.
03 / QM Perspective
High-quality data pipelines remain the most consistent bottleneck in enterprise AI maturity. QuettaMinds helps clients close the gap between raw data assets and production-ready AI inputs.
Original source
Read on ArXiv cs.LG ↗AI-assisted summary of a third-party source, human-reviewed before publishing.
Stay ahead