CPC G06F 21/577 (2013.01) [G06F 18/214 (2023.01); G06N 3/045 (2023.01); G06N 3/08 (2013.01)] | 14 Claims |
1. A computer implemented method of detecting increased vulnerability of a software system, the method comprising:
accessing data records each corresponding to a known software vulnerability at a particular time, each data record including an identification of software affected by the known software vulnerability;
generating, for each of at least a subset of the data records, one or more training data items for a neural network, each of the one or more training data items associating a vulnerability of the data record with affected software identified by the data record, the neural network having input units corresponding to items in a corpus of all software and output units corresponding to items in a corpus of all vulnerabilities;
training the neural network using the one or more training data items so as to define a vector representation for each software in the corpus of all software based on weights in the neural network for an input unit corresponding to the software;
aggregating, for a subset of the software in the corpus corresponding to software in the software system, vector representations for each software in the subset to an aggregate vector representation for the software system for the particular time;
repeating the accessing, the generating, the training and the aggregating at subsequent times to generate multiple generations of aggregate vector representations for the software system, each generation corresponding to data records accessed at a different time; and
comparing the multiple generations of aggregate vector representations for the software system to identify a change in one or more aggregate vector representation as an indication of an increased vulnerability of the software system.
|