Domain-constrained Synthesis of Inconsistent Key Aspects in Textual Vulnerability Descriptions

TL;DR

This paper introduces a domain-constrained LLM framework to synthesize and unify inconsistent textual vulnerability descriptions, improving comprehension, efficiency, and visualization for security analysts.

Contribution

It presents a novel three-stage synthesis framework that captures, evaluates, and fuses TVDs using domain knowledge and entropy, outperforming existing methods.

Findings

F1 score for key aspect augmentation increased from 0.82 to 0.87

Enhanced comprehension and efficiency by over 30%

Digest Labels significantly boost usability in vulnerability analysis

Abstract

Textual Vulnerability Descriptions (TVDs) are crucial for security analysts to understand and address software vulnerabilities. However, the key aspect inconsistencies in TVDs from different repositories pose challenges for achieving a comprehensive understanding of vulnerabilities. Existing approaches aim to mitigate inconsistencies by aligning TVDs with external knowledge bases, but they often discard valuable information and fail to synthesize comprehensive representations. In this paper, we propose a domain-constrained LLM-based synthesis framework for unifying key aspects of TVDs. Our framework consists of three stages: 1) Extraction, guided by rule-based templates to ensure all critical details are captured; 2) Self-evaluation, using domain-specific anchor words to assess semantic variability across sources; and 3) Fusion, leveraging information entropy to reconcile inconsistencies and prioritize relevant details. This framework improves synthesis performance, increasing the F1 score for key aspect augmentation from 0.82 to 0.87, while enhancing comprehension and efficiency by over 30\%. We further develop Digest Labels, a practical tool for visualizing TVDs, which human evaluations show significantly boosts usability.