Automatic exploit assessment based on deep learning methods

Assessing and prioritizing programs that exploit software vulnerabilities and are used to carry out cyberattacks on a computer system (exploits) is crucial for effectively responding to cyberattacks. This paper presents a method for automatically assessing exploits, where a model is trained to classify exploits using deep learning methods during the design stage, and the trained model is used to derive an assessment of the exploit's criticality during the operation stage. The methodology is based on the hypothesis that the complexity of using an exploit, its consequences, and its assessment depend on the vulnerability being exploited and the source code of the exploit. This proposed methodology differs from existing ones by using the CodeBERT model to classify exploits based on a marked set of exploit source codes and by marking exploit source codes according to the assessments of associated vulnerabilities using the CVSS (Common Vulnerability Scoring System) version 2.0 vulnerability assessment system. For the experimental evaluation of the developed methodology, data sources (Exploits-DB exploit database and NVD vulnerability database) and initial data for experiments were identified, statistical analysis was performed, and an experimental assessment of the accuracy of exploit classification was carried out. The results obtained can be used in designing automatic exploit assessment systems as part of measures to monitor and improve the security of information systems.