基于软提示微调和强化学习的网络安全命名实体识别方法研究

田泽庶; 刘春雨; 张云婷; 张嘉宇; 孟超; 张宏莉

doi:10.11959/j.issn.1000-436x.2024183

您当前的位置：

首页 >

文章列表页 >

基于软提示微调和强化学习的网络安全命名实体识别方法研究

学术论文 | 更新时间：2024-11-14

- 基于软提示微调和强化学习的网络安全命名实体识别方法研究
- Research on named entity recognition method in cybersecurity based on soft prompt tuning and reinforcement learning
- 通信学报 2024年45卷第10期页码：1-16
- 作者机构：
  
  哈尔滨工业大学计算学部，黑龙江哈尔滨 150001
- 作者简介：
  
  [ "田泽庶（1997- ），男，黑龙江哈尔滨人，哈尔滨工业大学博士生，主要研究方向为信息抽取、知识图谱构建等。" ]
  刘春雨（1994- ），女，黑龙江哈尔滨人，哈尔滨工业大学博士生，主要研究方向为城市计算、服务计算等。
  张云婷（1997- ），女，黑龙江哈尔滨人，哈尔滨工业大学博士生，主要研究方向为网络与信息安全、对抗文本生成等。
  张嘉宇（1997- ），男，山西太原人，哈尔滨工业大学博士生，主要研究方向为知识图谱构建、社交立场分析等。
  孟超（1991- ），男，河南鹿邑人，哈尔滨工业大学博士生，主要研究方向为社交网络分析、社交立场分析等。
  张宏莉（1973- ），女，吉林榆树人，博士，哈尔滨工业大学教授、博士生导师，主要研究方向为社交网络分析、网络与信息安全等。zhanghongli@hit.edu.cn
- 基金信息：
  
  国家重点研发计划基金资助项目(2016QY03D0501;2017YFB0803304);黑龙江省自然科学基金资助项目(LH2023F018)
- DOI：10.11959/j.issn.1000-436x.2024183
  中图分类号： TP389.1
- 收稿日期：2024-07-04，
  
  修回日期：2024-09-29，
  
  纸质出版日期：2024-10-25
- 稿件说明：
移动端阅览
田泽庶,刘春雨,张云婷等.基于软提示微调和强化学习的网络安全命名实体识别方法研究[J].通信学报,2024,45(10):1-16.

TIAN Zeshu,LIU Chunyu,ZHANG Yunting,et al.Research on named entity recognition method in cybersecurity based on soft prompt tuning and reinforcement learning[J].Journal on Communications,2024,45(10):1-16.
田泽庶,刘春雨,张云婷等.基于软提示微调和强化学习的网络安全命名实体识别方法研究[J].通信学报,2024,45(10):1-16. DOI： 10.11959/j.issn.1000-436x.2024183.

TIAN Zeshu,LIU Chunyu,ZHANG Yunting,et al.Research on named entity recognition method in cybersecurity based on soft prompt tuning and reinforcement learning[J].Journal on Communications,2024,45(10):1-16. DOI： 10.11959/j.issn.1000-436x.2024183.

摘要

随着网络技术的迅猛发展，新型网络安全威胁不断涌现，网络安全命名实体识别重要性日益增加。针对现有基于大语言模型的命名实体识别方法在网络安全领域识别准确率差的问题，提出了一种结合软提示微调和强化学习的网络安全命名实体识别方法。通过结合软提示微调技术，针对网络安全领域的复杂性，精细调整大语言模型的识别能力，提升模型对网络安全命名实体的识别准确率，同时优化训练效率。此外，提出了基于强化学习的网络安全实体筛选器，可以有效去除训练集中的低质量标注，从而提升识别准确率。在2个开源基准网络安全实体识别数据集上评估了所提方法，实验结果表明，所提方法的F1值优于现有最佳的网络安全命名实体识别方法。

Abstract

As network technology rapidly advanced

new cybersecurity threats constantly emerged

increasing the importance of cybersecurity named entity recognition. To address the problem of poor recognition accuracy in named entity recognition methods based on large language models in the cybersecurity domain

a novel cybersecurity named entity recognition method that combined soft prompt tuning and reinforcement learning was proposed. By integrating the soft prompt tuning technique

the method precisely adjusted the recognition capabilities of large language models to handle the complexity of the cybersecurity domain

improving recognition accuracy for cybersecurity named entities while optimizing training efficiency. Additionally

a reinforcement learning-based instance filter was proposed

which effectively removed low-quality annotations from the training set

further enhancing recognition accuracy. The proposed method was evaluated on two benchmark cybersecurity NER datasets

with experimental results demonstrating superior performance in F1 score compared to state-of-the-art cybersecurity NER methods.

关键词

Keywords

references

MOURA G C M , HEIDEMANN J . Vulnerability disclosure considered stressful [J ] . ACM SIGCOMM Computer Communication Review , 2023 , 53 ( 2 ): 2 - 10 .

GLYDER J , THREATT A K , FRANKS R , et al . Some analysis of common vulnerabilities and exposures (CVE) data from the national vulnerability database (NVD) [C ] // Proceedings of the Conference on Information Systems Applied Research . Piscataway : IEEE Press , 2021 : 1 - 7 .

GIANNAKOPOULOS T , MALIATSOS K . On the usage of NLP on CVE descriptions for calculating risk [C ] // European Symposium on Research in Computer Security . Berlin : Springer , 2024 : 104 - 123 .

KUEHN P , BAYER M , WENDELBORN M , et al . OVANA: an approach to analyze and improve the information quality of vulnerability databases [C ] // Proceedings of the 16th International Conference on Availability, Reliability and Security . New York : ACM Press , 2021 : 1 - 11 .

OKUTAN A , MELL P , MIRAKHORLI M , et al . Empirical validation of automated vulnerability curation and characterization [J ] . IEEE Transactions on Software Engineering , 2023 , 49 ( 5 ): 3241 - 3260 .

PRASAD S G , SHARMILA V C , BADRINARAYANAN M K . Role of artificial intelligence based chat generative pre-trained transformer (ChatGPT) in cyber security [C ] // Proceedings of the 2023 2nd International Conference on Applied Artificial Intelligence and Computing (ICAAIC) . Piscataway : IEEE Press , 2023 : 107 - 114 .

DING N , QIN Y , YANG G , et al . Parameter-efficient fine-tuning of large-scale pre-trained language models [J ] . Nature Machine Intelligence , 2023 , 5 ( 3 ): 220 - 235 .

XU Y J , TAN X B , TONG X , et al . A robust Chinese named entity recognition method based on integrating dual-layer features and CSBERT [J ] . Applied Sciences , 2024 , 14 ( 3 ): 1060 .

SRIVASTAVA S , PAUL B , GUPTA D . Study of word embeddings for enhanced cyber security named entity recognition [J ] . Procedia Computer Science , 2023 , 218 : 449 - 460 .

DOWNEY D , BROADHEAD M , ETZIONI O . Locating complex named entities in web text [C ] // Proceedings of the 20th International Joint Conference on Artifical Intelligence . New York : ACM Press , 2007 : 2733 - 2739

MORWAL S . Named entity recognition using hidden Markov model (HMM) [J ] . International Journal on Natural Language Computing , 2012 , 1 ( 4 ): 15 - 23 .

MANSOURI A , AFFENDY L S , MAMAT A . A new fuzzy support vector machine method for named entity recognition [C ] // Proceedings of the 2008 International Conference on Computer Science and Information Technology . Piscataway : IEEE Press , 2008 : 24 - 28 .

MCDONALD R , HALL K , MANN G . Distributed training strategies for the structured perceptron [C ] // Human Language Technologies: The 2010 Annual Conference of the North American Chapter of the Association for Computational Linguistics . New York : ACM Press , 2010 : 456 - 464 .

PATIL N , PATIL A , PAWAR B V . Named entity recognition using conditional random fields [J ] . Procedia Computer Science , 2020 , 167 : 1181 - 1188 .

MULWAD V , LI W J , JOSHI A , et al . Extracting information about security vulnerabilities from web text [C ] // Proceedings of the 2011 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology . Piscataway : IEEE Press , 2011 : 257 - 260 .

LAL R . Information extraction of security related entities and concepts from unstructured text [D ] . Baltimore : University of Maryland Baltimore County , 2013

WEERAWARDHANA S , MUKHERJEE S , RAY I , et al . Automated extraction of vulnerability information for home computer security [C ] // International Symposium on Foundations and Practice of Security . Berlin : Springer , 2015 : 356 - 366 .

COLLOBERT R , WESTON J , BOTTOU L , et al . Natural language processing (almost) from scratch [J ] . Journal of Machine Learning Research , 2011 , 12 : 2493 - 2537 .

HUANG Z , XU W , YU K . Bidirectional LSTM-CRF models for sequence tagging [J ] . arXiv Preprint , arXiv: 1508.01991 , 2015 .

KIM G , LEE C , JO J , et al . Automatic extraction of named entities of cyber threats using a deep Bi-LSTM-CRF network [J ] . International Journal of Machine Learning and Cybernetics , 2020 , 11 ( 10 ): 2341 - 2355 .

QIN Y , SHEN G W , ZHAO W B , et al . A network security entity recognition method based on feature template and CNN-BiLSTM-CRF [J ] . Frontiers of Information Technology & Electronic Engineering , 2019 , 20 ( 6 ): 872 - 884 .

SIMRAN K , SRIRAM S , VINAYAKUMAR R , et al . Deep learning approach for intelligent named entity recognition of cyber security [C ] // International Symposium on Signal Processing and Intelligent Recognition Systems . Berlin : Springer , 2020 : 163 - 172 .

ZHOU S , LIU J J , ZHONG X F , et al . Named entity recognition using BERT with whole world masking in cybersecurity domain [C ] // Proceedings of the 2021 IEEE 6th International Conference on Big Data Analytics (ICBDA) . Piscataway : IEEE Press , 2021 : 316 - 320 .

GAO C , ZHANG X , LIU H . Data and knowledge-driven named entity recognition for cyber security [J ] . Cybersecurity , 2021 , 4 ( 1 ): 9 .

WANG X D , LIU J Y . A novel feature integration and entity boundary detection for named entity recognition in cybersecurity [J ] . Knowledge-Based Systems , 2023 , 260 : 110114 .

ZENG A , LIU X , DU Z , et al . GLM-130B: an open bilingual pre-trained model [J ] . arXiv Preprint , arXiv: 2210.02414 , 2022 .

BRIDGES R A , JONES C L , IANNACONE M D , et al . Automatic labeling for entity extraction in cyber security [J ] . arXiv Preprint , arXiv: 1308.4941 , 2013 .

ALAM M T , BHUSAL D , PARK Y , et al . CyNER: apython library for cybersecurity named entity recognition [J ] . arXiv Preprint , arXiv: 2204.05754 , 2022 .

ABDULLAH M S , ZAINAL A , MAAROF M A , et al . Cyber-attack features for detecting cyber threat incidents from online news [C ] // Proceedings of the 2018 Cyber Resilience Conference (CRC) . Piscataway : IEEE Press , 2018 : 1 - 4 .

WU X J , ZHANG T Q , YUAN S , et al . One improved model of named entity recognition by combining BERT and BiLSTM-CNN for domain of Chinese railway construction [C ] // Proceedings of the 2022 7th International Conference on Intelligent Computing and Signal Processing (ICSP) . Piscataway : IEEE Press , 2022 : 728 - 732 .

JIE Z , LU W . Dependency-guided LSTM-CRF for named entity recognition [J ] . arXiv Preprint , arXiv: 1909.10148 , 2019 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于审计博弈的安全协作频谱感知方案

基于强化学习的在线离线混部云环境下的调度框架

基于深度强化学习的微服务多维动态防御策略研究

面向智能渗透攻击的欺骗防御方法

基于深度强化学习的可见光定位通信一体化功率分配研究