DOI: 10.3390/electronics15132874 ISSN: 2079-9292

VulnPattern-TKG: An End-to-End Temporal Knowledge Graph Framework for Forecasting CVE-Derived Vulnerability-Pattern Relation Emergence

HyoungJu Kim, Pankoo Kim, Junho Choi

This study proposes VulnPattern-TKG, an end-to-end temporal knowledge graph framework that forecasts the emergence of CVE-derived vulnerability-pattern relations from Common Vulnerabilities and Exposures (CVE) descriptions. The framework does not aim to predict the real-world exploitation of individual CVEs; instead, it models how standardized relations among Weakness Factor (WF), Exploitation Outcome (EO), and Exploitation Prerequisite (EP) categories evolve over time in vulnerability disclosure text. It processes 205,600 National Vulnerability Database (NVD) CVE descriptions from 2014 to 2024 using a hybrid pipeline combining SecureBERT+CRF-based entity extraction, dependency-parsing-based relation rules, and four-stage hierarchical standardization. The resulting compact Knowledge Layer contains 26 standardized category nodes and 48,371 confidence-filtered triples. VulnTEC is a lightweight confidence- and time-weighted Node2Vec graph embedding framework that ranks relation-compatible candidate tails using cosine similarity over shared node embeddings. An internal four-component priority-score framework, integrating prediction confidence, temporal rise, exploitation-prerequisite prevalence-risk proxy, and extraction confidence, supports an analyst-side review of the forecasted relations. Under the novel-only triggers evaluation, VulnTEC achieves a mean MRR of 0.410 ± 0.020; however, the theoretical random baseline already reaches 0.408 because the candidate tail space contains only six EO categories. The results are interpreted as directional ranking evidence, and query-level Top-K results are reported only as descriptive analyst-side review evidence.
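The abstract's point about the random baseline can be checked directly; the following is an added example, not code from the paper or its authors. It assumes that a random scorer places the true tail at a uniformly distributed rank with no ties, which gives an expected MRR of H_n / n; the 2-d embeddings and the `EO_1`..`EO_6` names are constructed placeholders, and all function names are hypothetical.

```python
import math
import random
from fractions import Fraction

def random_mrr(n_candidates):
    """Exact expected MRR when the true tail's rank is uniform on 1..n: H_n / n."""
    return sum(Fraction(1, r) for r in range(1, n_candidates + 1)) / n_candidates

def mrr(ranks):
    """Mean reciprocal rank over a list of 1-based ranks."""
    return sum(1.0 / r for r in ranks) / len(ranks)

def simulated_random_mrr(n_candidates, n_queries, seed=0):
    """Monte Carlo check of random_mrr() with a seeded generator."""
    rng = random.Random(seed)
    return mrr([rng.randint(1, n_candidates) for _ in range(n_queries)])

def cosine(u, v):
    """Cosine similarity of two non-zero vectors."""
    dot = sum(a * b for a, b in zip(u, v))
    return dot / (math.hypot(*u) * math.hypot(*v))

def rank_of(head_vec, tail_vecs, true_tail):
    """1-based rank of true_tail among candidates sorted by cosine similarity."""
    order = sorted(tail_vecs, key=lambda t: cosine(head_vec, tail_vecs[t]), reverse=True)
    return order.index(true_tail) + 1

def within_spread(mean, spread, baseline):
    """True when the baseline lies inside mean +/- spread."""
    return abs(mean - float(baseline)) <= spread

# Constructed 2-d embeddings; EO_1..EO_6 are placeholders, not the paper's categories.
HEAD = (1.0, 0.0)
TAILS = {"EO_1": (1.0, 0.1), "EO_2": (0.8, 0.6), "EO_3": (0.5, 0.9),
         "EO_4": (0.1, 1.0), "EO_5": (-0.3, 1.0), "EO_6": (-1.0, 0.2)}

if __name__ == "__main__":
    base = random_mrr(len(TAILS))
    print("exact random MRR, 6 candidates:", base, "=", round(float(base), 3))
    print("simulated random MRR:", round(simulated_random_mrr(6, 100_000), 3))
    print("rank of EO_2 for HEAD:", rank_of(HEAD, TAILS, "EO_2"))
    print("0.408 inside 0.410 +/- 0.020:", within_spread(0.410, 0.020, base))
```

With six candidates the exact value is 49/120, which rounds to the 0.408 quoted in the abstract and lies inside the reported 0.410 ± 0.020.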
