Evaluating Text Augmentation for Boosting the Automatic Mapping of Vulnerability Information to Adversary Techniques

MITRE ATT&CK is a well known framework which provides knowledge about adversary techniques' lifecycle and the targeted platforms. This knowledge is acquired by manually mapping vulnerability information to adversary techniques. However, the amount of published vulnerabilities makes it tedious and impractical for the expert. To this end, a model is developed to automate this mapping by solving a multi-label text classification problem. That is, to assign multiple adversary techniques, i.e., labels, to a vulnerability text description. In this paper, state-of-the-art models based on neural networks are utilized to solve the mapping problem. A common issue in multi-label classification is the existence of underrepresented classes. Here, text augmentation techniques are leveraged to help the developed models confront this by increasing, explicitly or implicitly, the input information. It is experimentally demonstrated that the proposed models surpass previous state-of-the-art. Additionally, when the proposed text augmentation techniques are used performance is boosted across all metrics providing a more accurate mapping.