Research on named entity recognition method in cybersecurity based on soft prompt tuning and reinforcement learning

TIAN Zeshu; LIU Chunyu; ZHANG Yunting; ZHANG Jiayu; MENG Chao; ZHANG Hongli

doi:10.11959/j.issn.1000-436x.2024183

您当前的位置：

首页 >

文章列表页 >

Research on named entity recognition method in cybersecurity based on soft prompt tuning and reinforcement learning

Papers | 更新时间：2024-11-14

- Research on named entity recognition method in cybersecurity based on soft prompt tuning and reinforcement learning
- Journal on Communications Vol. 45, Issue 10, Pages: 1-16(2024)
- 作者机构：
  
  哈尔滨工业大学计算学部，黑龙江哈尔滨 150001
- 作者简介：
- 基金信息：
  
  The National Key Research and Development Program of China(2016QY03D0501;2017YFB0803304);The Natural Science Foundation of Heilongjiang Province(LH2023F018)
- DOI：10.11959/j.issn.1000-436x.2024183
  CLC： TP389.1
- Received：04 July 2024，
  
  Revised：2024-09-29，
  
  Published：25 October 2024
- 稿件说明：
移动端阅览
田泽庶,刘春雨,张云婷等.基于软提示微调和强化学习的网络安全命名实体识别方法研究[J].通信学报,2024,45(10):1-16.

TIAN Zeshu,LIU Chunyu,ZHANG Yunting,et al.Research on named entity recognition method in cybersecurity based on soft prompt tuning and reinforcement learning[J].Journal on Communications,2024,45(10):1-16.
田泽庶,刘春雨,张云婷等.基于软提示微调和强化学习的网络安全命名实体识别方法研究[J].通信学报,2024,45(10):1-16. DOI： 10.11959/j.issn.1000-436x.2024183.

TIAN Zeshu,LIU Chunyu,ZHANG Yunting,et al.Research on named entity recognition method in cybersecurity based on soft prompt tuning and reinforcement learning[J].Journal on Communications,2024,45(10):1-16. DOI： 10.11959/j.issn.1000-436x.2024183.

摘要

随着网络技术的迅猛发展，新型网络安全威胁不断涌现，网络安全命名实体识别重要性日益增加。针对现有基于大语言模型的命名实体识别方法在网络安全领域识别准确率差的问题，提出了一种结合软提示微调和强化学习的网络安全命名实体识别方法。通过结合软提示微调技术，针对网络安全领域的复杂性，精细调整大语言模型的识别能力，提升模型对网络安全命名实体的识别准确率，同时优化训练效率。此外，提出了基于强化学习的网络安全实体筛选器，可以有效去除训练集中的低质量标注，从而提升识别准确率。在2个开源基准网络安全实体识别数据集上评估了所提方法，实验结果表明，所提方法的F1值优于现有最佳的网络安全命名实体识别方法。

Abstract

As network technology rapidly advanced

new cybersecurity threats constantly emerged

increasing the importance of cybersecurity named entity recognition. To address the problem of poor recognition accuracy in named entity recognition methods based on large language models in the cybersecurity domain

a novel cybersecurity named entity recognition method that combined soft prompt tuning and reinforcement learning was proposed. By integrating the soft prompt tuning technique

the method precisely adjusted the recognition capabilities of large language models to handle the complexity of the cybersecurity domain

improving recognition accuracy for cybersecurity named entities while optimizing training efficiency. Additionally

a reinforcement learning-based instance filter was proposed

which effectively removed low-quality annotations from the training set

further enhancing recognition accuracy. The proposed method was evaluated on two benchmark cybersecurity NER datasets

with experimental results demonstrating superior performance in F1 score compared to state-of-the-art cybersecurity NER methods.

关键词

Keywords

references

MOURA G C M , HEIDEMANN J . Vulnerability disclosure considered stressful [J ] . ACM SIGCOMM Computer Communication Review , 2023 , 53 ( 2 ): 2 - 10 .

GLYDER J , THREATT A K , FRANKS R , et al . Some analysis of common vulnerabilities and exposures (CVE) data from the national vulnerability database (NVD) [C ] // Proceedings of the Conference on Information Systems Applied Research . Piscataway : IEEE Press , 2021 : 1 - 7 .

GIANNAKOPOULOS T , MALIATSOS K . On the usage of NLP on CVE descriptions for calculating risk [C ] // European Symposium on Research in Computer Security . Berlin : Springer , 2024 : 104 - 123 .

KUEHN P , BAYER M , WENDELBORN M , et al . OVANA: an approach to analyze and improve the information quality of vulnerability databases [C ] // Proceedings of the 16th International Conference on Availability, Reliability and Security . New York : ACM Press , 2021 : 1 - 11 .

OKUTAN A , MELL P , MIRAKHORLI M , et al . Empirical validation of automated vulnerability curation and characterization [J ] . IEEE Transactions on Software Engineering , 2023 , 49 ( 5 ): 3241 - 3260 .

PRASAD S G , SHARMILA V C , BADRINARAYANAN M K . Role of artificial intelligence based chat generative pre-trained transformer (ChatGPT) in cyber security [C ] // Proceedings of the 2023 2nd International Conference on Applied Artificial Intelligence and Computing (ICAAIC) . Piscataway : IEEE Press , 2023 : 107 - 114 .

DING N , QIN Y , YANG G , et al . Parameter-efficient fine-tuning of large-scale pre-trained language models [J ] . Nature Machine Intelligence , 2023 , 5 ( 3 ): 220 - 235 .

XU Y J , TAN X B , TONG X , et al . A robust Chinese named entity recognition method based on integrating dual-layer features and CSBERT [J ] . Applied Sciences , 2024 , 14 ( 3 ): 1060 .

SRIVASTAVA S , PAUL B , GUPTA D . Study of word embeddings for enhanced cyber security named entity recognition [J ] . Procedia Computer Science , 2023 , 218 : 449 - 460 .

DOWNEY D , BROADHEAD M , ETZIONI O . Locating complex named entities in web text [C ] // Proceedings of the 20th International Joint Conference on Artifical Intelligence . New York : ACM Press , 2007 : 2733 - 2739

MORWAL S . Named entity recognition using hidden Markov model (HMM) [J ] . International Journal on Natural Language Computing , 2012 , 1 ( 4 ): 15 - 23 .

MANSOURI A , AFFENDY L S , MAMAT A . A new fuzzy support vector machine method for named entity recognition [C ] // Proceedings of the 2008 International Conference on Computer Science and Information Technology . Piscataway : IEEE Press , 2008 : 24 - 28 .

MCDONALD R , HALL K , MANN G . Distributed training strategies for the structured perceptron [C ] // Human Language Technologies: The 2010 Annual Conference of the North American Chapter of the Association for Computational Linguistics . New York : ACM Press , 2010 : 456 - 464 .

PATIL N , PATIL A , PAWAR B V . Named entity recognition using conditional random fields [J ] . Procedia Computer Science , 2020 , 167 : 1181 - 1188 .

MULWAD V , LI W J , JOSHI A , et al . Extracting information about security vulnerabilities from web text [C ] // Proceedings of the 2011 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology . Piscataway : IEEE Press , 2011 : 257 - 260 .

LAL R . Information extraction of security related entities and concepts from unstructured text [D ] . Baltimore : University of Maryland Baltimore County , 2013

WEERAWARDHANA S , MUKHERJEE S , RAY I , et al . Automated extraction of vulnerability information for home computer security [C ] // International Symposium on Foundations and Practice of Security . Berlin : Springer , 2015 : 356 - 366 .

COLLOBERT R , WESTON J , BOTTOU L , et al . Natural language processing (almost) from scratch [J ] . Journal of Machine Learning Research , 2011 , 12 : 2493 - 2537 .

HUANG Z , XU W , YU K . Bidirectional LSTM-CRF models for sequence tagging [J ] . arXiv Preprint , arXiv: 1508.01991 , 2015 .

KIM G , LEE C , JO J , et al . Automatic extraction of named entities of cyber threats using a deep Bi-LSTM-CRF network [J ] . International Journal of Machine Learning and Cybernetics , 2020 , 11 ( 10 ): 2341 - 2355 .

QIN Y , SHEN G W , ZHAO W B , et al . A network security entity recognition method based on feature template and CNN-BiLSTM-CRF [J ] . Frontiers of Information Technology & Electronic Engineering , 2019 , 20 ( 6 ): 872 - 884 .

SIMRAN K , SRIRAM S , VINAYAKUMAR R , et al . Deep learning approach for intelligent named entity recognition of cyber security [C ] // International Symposium on Signal Processing and Intelligent Recognition Systems . Berlin : Springer , 2020 : 163 - 172 .

ZHOU S , LIU J J , ZHONG X F , et al . Named entity recognition using BERT with whole world masking in cybersecurity domain [C ] // Proceedings of the 2021 IEEE 6th International Conference on Big Data Analytics (ICBDA) . Piscataway : IEEE Press , 2021 : 316 - 320 .

GAO C , ZHANG X , LIU H . Data and knowledge-driven named entity recognition for cyber security [J ] . Cybersecurity , 2021 , 4 ( 1 ): 9 .

WANG X D , LIU J Y . A novel feature integration and entity boundary detection for named entity recognition in cybersecurity [J ] . Knowledge-Based Systems , 2023 , 260 : 110114 .

ZENG A , LIU X , DU Z , et al . GLM-130B: an open bilingual pre-trained model [J ] . arXiv Preprint , arXiv: 2210.02414 , 2022 .

BRIDGES R A , JONES C L , IANNACONE M D , et al . Automatic labeling for entity extraction in cyber security [J ] . arXiv Preprint , arXiv: 1308.4941 , 2013 .

ALAM M T , BHUSAL D , PARK Y , et al . CyNER: apython library for cybersecurity named entity recognition [J ] . arXiv Preprint , arXiv: 2204.05754 , 2022 .

ABDULLAH M S , ZAINAL A , MAAROF M A , et al . Cyber-attack features for detecting cyber threat incidents from online news [C ] // Proceedings of the 2018 Cyber Resilience Conference (CRC) . Piscataway : IEEE Press , 2018 : 1 - 4 .

WU X J , ZHANG T Q , YUAN S , et al . One improved model of named entity recognition by combining BERT and BiLSTM-CNN for domain of Chinese railway construction [C ] // Proceedings of the 2022 7th International Conference on Intelligent Computing and Signal Processing (ICSP) . Piscataway : IEEE Press , 2022 : 728 - 732 .

JIE Z , LU W . Dependency-guided LSTM-CRF for named entity recognition [J ] . arXiv Preprint , arXiv: 1909.10148 , 2019 .

Views

708

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

RL-WGAN based method for 5G network anomalous data generation

Study on Co-EDCA mechanism for multi-AP collaboration in FTTR C-WAN architecture

Design and implementation of an IPv6+ based intelligent computing-network scheduling scheme for Internet of vehicles

Survey of node localization scheme in underwater wireless sensor network

Adaptive defense model for critical assets against unknown network threats

Related Author

Ning Zhaolong

Zou Daoyuan

Zhou Li

Ouyang Ruiqi

Xiong Xuanrui

WU Weimin

ZENG Chen

YU Zhaoyang

Related Institution

College of Electronic Science and Technology, National University of Defense Technology

School of Communications and Information Engineering, Chongqing University of Posts and Telecommunications

School of Electronic Information and Communication, Huazhong University of Science and Technology

Intelligent and Connected Vehicle Research Institute, China Unicom Smart Connection Technology Limited

School of Computer Science, Beijing University of Posts and Telecommunications

AI问答

⁰