{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,16]],"date-time":"2026-02-16T19:23:47Z","timestamp":1771269827496,"version":"3.50.1"},"reference-count":43,"publisher":"MDPI AG","issue":"9","license":[{"start":{"date-parts":[[2025,9,8]],"date-time":"2025-09-08T00:00:00Z","timestamp":1757289600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Natural Science Foundation of China","award":["62402063"],"award-info":[{"award-number":["62402063"]}]},{"name":"National Natural Science Foundation of China","award":["2024JJ6067"],"award-info":[{"award-number":["2024JJ6067"]}]},{"name":"Natural Science Foundation of Hunan Province","award":["62402063"],"award-info":[{"award-number":["62402063"]}]},{"name":"Natural Science Foundation of Hunan Province","award":["2024JJ6067"],"award-info":[{"award-number":["2024JJ6067"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Information"],"abstract":"<jats:p>Due to the increasing harmfulness of software vulnerabilities, it is increasingly suggested to propose more efficient vulnerability assessment methods. However, existing methods mainly rely on manual updates and inefficient rule matching, and they struggle to capture potential correlations between vulnerabilities, thus resulting in issues such as strong subjectivity and low efficiency. To this end, a vulnerability severity assessment method named Latent Space Networks (LSNet) is proposed in this paper. Specifically, based on a clustering analysis in Common Vulnerability Scoring System (CVSS) metrics, we first exploit relations for CVSS metrics prediction and propose an adaptive transformer to extract vulnerability from both global semantic and local latent space features. Then, we utilize bidirectional encoding and token masking techniques to enhance the model\u2019s understanding of vulnerability\u2013location relationships, and combine the Transformer method with convolution to significantly improve the model\u2019s ability to identify vulnerable text. Finally, extensive experiments conducted on the open vulnerability dataset and the CCF OSC2024 dataset demonstrate that LSNet is capable of extracting potential correlation features. Compared with baseline methods, including SVM, Transformer, TextCNN, BERT, DeBERTa, ALBERT, and RoBERTa, it exhibits higher accuracy and efficiency.<\/jats:p>","DOI":"10.3390\/info16090779","type":"journal-article","created":{"date-parts":[[2025,9,10]],"date-time":"2025-09-10T09:32:01Z","timestamp":1757496721000},"page":"779","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["LSNet: Adaptive Latent Space Networks for Vulnerability Severity Assessment"],"prefix":"10.3390","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-6256-4712","authenticated-orcid":false,"given":"Yizhou","family":"Wang","sequence":"first","affiliation":[{"name":"School of Computer, Changsha University of Science and Technology, Changsha 410114, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jin","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of Computer, Changsha University of Science and Technology, Changsha 410114, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mingfeng","family":"Huang","sequence":"additional","affiliation":[{"name":"School of Computer, Changsha University of Science and Technology, Changsha 410114, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2025,9,8]]},"reference":[{"key":"ref_1","unstructured":"IBM Annual Report 2024. Available online: https:\/\/www.ibm.com\/investor\/services\/annual-report."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Pan, S., Bao, L., Zhou, J., Hu, X., Xia, X., and Li, S. (2024, January 14\u201320). Towards More Practical Automation of Vulnerability Assessment. Proceedings of the IEEE\/ACM 46th International Conference on Software Engineering, Lisbon, Portugal.","DOI":"10.1145\/3597503.3639110"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"74","DOI":"10.1109\/MSEC.2020.3044475","article-title":"Time to Change the CVSS?","volume":"19","author":"Spring","year":"2021","journal-title":"IEEE Secur. Priv."},{"key":"ref_4","first-page":"1784","article-title":"Predicting Model of Vulnerabilities Based on the Type of Vulnerability Severity","volume":"41","author":"Gao","year":"2013","journal-title":"Acta Electrinica Sin."},{"key":"ref_5","first-page":"3283","article-title":"Vulnerability classification based on binary tree with entropy multi-class support vector machine","volume":"34","author":"Zhang","year":"2014","journal-title":"J. Comput. Appl."},{"key":"ref_6","first-page":"842","article-title":"Vulnerability exploitability assessment method based on network environment","volume":"41","author":"Zheng","year":"2024","journal-title":"J. Univ. Chin. Acad. Sci."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1016\/j.jhydrol.2017.03.060","article-title":"Classification of aquifer vulnerability using K-means cluster analysis","volume":"549","author":"Javadi","year":"2017","journal-title":"J. Hydrol."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Younis, A.A., and Yashwant, K.M. (2015, January 3\u20135). Comparing and Evaluating CVSS Base Metrics and Microsoft Rating System. Proceedings of the 2015 IEEE International Conference on Software Quality, Reliability and Security, Washington, DC, USA.","DOI":"10.1109\/QRS.2015.44"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"102808","DOI":"10.1016\/j.cose.2022.102808","article-title":"An evaluation of potential attack surfaces based on attack tree modelling and risk matrix applied to self-sovereign identity","volume":"120","author":"Naik","year":"2022","journal-title":"Comput. Secur."},{"key":"ref_10","first-page":"738","article-title":"Automatic Classification of Vulnerabilities Based on CNN and Text Semantics","volume":"39","author":"Qu","year":"2019","journal-title":"Transcations Beijing Inst. Technol."},{"key":"ref_11","unstructured":"Alshubaily, I. (2021). TextCNN with attention for text classification. arXiv."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Sahin, C.B. (2021, January 25\u201327). DCW-RNN: Improving Class Level Metrics for Software Vulnerability Detection Using Artificial Immune System with Clock-Work Recurrent Neural Network. Proceedings of the 2021 International Conference on INnovations in Intelligent SysTems and Applications (INISTA), Kocaeli, Turkey.","DOI":"10.1109\/INISTA52262.2021.9548609"},{"key":"ref_13","unstructured":"Le, T.H.M., Chen, H., and Babar, M.A. (2021). A survey on data-driven software vulnerability assessment and prioritization. arXiv."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"1538","DOI":"10.1093\/comjnl\/bxad080","article-title":"CDNM: Clustering-Based Data Normalization Method For Automated Vulnerability Detection","volume":"67","author":"Wu","year":"2024","journal-title":"Comput. J."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"107247","DOI":"10.1016\/j.infsof.2023.107247","article-title":"A novel vulnerability severity assessment method for source code based on a graph neural network","volume":"161","author":"Hao","year":"2023","journal-title":"Inf. Softw. Technol."},{"key":"ref_16","unstructured":"Common Vulnerability Scoring System (CVSS). Available online: https:\/\/www.first.org\/cvss\/."},{"key":"ref_17","unstructured":"(2025). CVSS Vulnerability Metrics, Available online: https:\/\/nvd.nist.gov\/vuln-metrics\/cvss."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Ramesh, M., Selvan, M.T., Sreenivas, P., and Sahayaraj, A.F. (2025). Advanced machine learning-driven characterization of new natural cellulosic Lablab purpureus fibers through PCA and K-means clustering techniques. Int. J. Biol. Macromol., 306.","DOI":"10.1016\/j.ijbiomac.2025.141589"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"8876","DOI":"10.1007\/s10489-024-05636-2","article-title":"Global k-means++: An effective relaxation of the global k-means clustering algorithm","volume":"54","author":"Vardakas","year":"2024","journal-title":"Appl. Intell."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1016\/j.pursup.2017.10.004","article-title":"Supply chain vulnerability assessment: A network based visualization and clustering analysis approach","volume":"24","author":"Blackhurst","year":"2018","journal-title":"J. Purch. Supply Manag."},{"key":"ref_21","unstructured":"Vaswani, A., Shazeer, N., Parmar, N., Uszkoreit, J., Jones, L., Gomez, A.N., Kaiser, \u0141., and Polosukhin, I. (2017, January 4\u20139). Attention is all you need. Proceedings of the 31st Conference on Neural Information Processing Systems (NIPS 2017), Long Beach, CA, USA."},{"key":"ref_22","unstructured":"Crawshaw, M. (2020). Multi-task learning with deep neural networks: A survey. arXiv."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"876","DOI":"10.1109\/TDSC.2023.3264850","article-title":"Certified Distributional Robustness on Smoothed Classifiers","volume":"21","author":"Yang","year":"2023","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Fu, M., Tantithamthavorn, C.K., Nguyen, V., and Le, T. (2023, January 4\u20137). Chatgpt for Vulnerability Detection, Classification, and Repair: How Far are We?. Proceedings of the 2023 30th Asia-Pacific Software Engineering Conference (APSEC), Seoul, Republic of Korea.","DOI":"10.1109\/APSEC60848.2023.00085"},{"key":"ref_25","unstructured":"Devlin, J., Chang, M.-W., Lee, K., and Toutanova, K. (2019, January 2\u20137). BERT: Pre-Training of Deep Bidirectional Transformers for Language Understanding. Proceedings of the 17th Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies (HLT-NAACL), Minneapolis, MN, USA."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Kim, Y. (2014, January 25\u201329). Convolutional Neural Networks for Sentence Classification. Proceedings of the Conference on Empirical Methods in Natural Language Processing, Doha, Qatar.","DOI":"10.3115\/v1\/D14-1181"},{"key":"ref_27","first-page":"103276","article-title":"Unsupervised detection of InSAR time series patterns based on PCA and K-means clustering","volume":"118","author":"Festa","year":"2023","journal-title":"Int. J. Appl. Earth Obs. Geoinf."},{"key":"ref_28","unstructured":"Rilling, L., and Morin, C. (2020, January 20\u201324). Automated Keyword Extraction from \u201cOne-day\u201d Vulnerabilities at Disclosure. Proceedings of the NOMS 2020-2020 IEEE\/IFIP Network Operations and Management Symposium, Budapest, Hungary."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Kisi, O., Heddam, S., Parmar, K.S., Petroselli, A., K\u00fclls, C., and Zounemat-Kermani, M. (2025). Integration of Gaussian process regression and K means clustering for enhanced short term rainfall runoff modeling. Sci. Rep., 15.","DOI":"10.1038\/s41598-025-91339-8"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Frei, M., Kwon, J., Tabaeiaghdaei, S., Wyss, M., Lenzen, C., and Perrig, A. (2022, January 19\u201322). G-sinc: Global Synchronization Infrastructure for Network Clocks. Proceedings of the 2022 41st International Symposium on Reliable Distributed Systems (SRDS), Vienna, Austria.","DOI":"10.1109\/SRDS55811.2022.00021"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"579","DOI":"10.1109\/TDSC.2020.2984219","article-title":"Efficient and Precise Secure Generalized Edit Distance and Beyond","volume":"19","author":"Zhu","year":"2020","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Vicarte, J.R.S., Flanders, M., Paccagnella, R., Garrett-Grossman, G., Morrison, A., and Fletche, C.W. (2022, January 22\u201326). Augury: Using Data Memory-Dependent Prefetchers to Leak Data at rest. Proceedings of the 2022 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP46214.2022.9833570"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"96","DOI":"10.1038\/s44159-024-00392-z","article-title":"Using natural language processing to analyse text data in behavioural science","volume":"4","author":"Feuerriegel","year":"2025","journal-title":"Nat. Rev. Psychol."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Xu, X., Xu, Z., Ling, Z., Jind, Z., Du, S., Pachori, R.B., and Chen, L. (2024, January 13). Comprehensive Implementation of TextCNN for Enhanced Collaboration Between Natural Language Processing and System Recommendation. Proceedings of the International Conference on Image, Signal Processing, and Pattern Recognition (ISPP 2024), Guangzhou, China.","DOI":"10.1117\/12.3033511"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Huang, T., Xu, Z., Yu, P., Yi, J., and Xu, X. (2025). A Hybrid Transformer Model for Fake News Detection: Leveraging Bayesian Optimization and Bidirectional Recurrent Unit. arXiv.","DOI":"10.1109\/ISBDAS64762.2025.11117058"},{"key":"ref_36","unstructured":"Le, T.H.M., Hin, D., Croft, R., and Babar, M.A. (2021, January 15\u201319). Deepcva: Automated Commit-Level Vulnerability Assessment with Deep Multi-Task learning. Proceedings of the 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE), Melbourne, Australia."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"166","DOI":"10.1007\/s10462-025-11162-5","article-title":"BERT applications in natural language processing: A review","volume":"58","author":"Gardazi","year":"2025","journal-title":"Artif. Intell. Rev."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1016\/j.patrec.2018.06.029","article-title":"Unsupervised feature selection by self-paced learning regularization","volume":"132","author":"Zheng","year":"2020","journal-title":"Pattern Recognit. Lett."},{"key":"ref_39","unstructured":"Rosales, V., Anderton, O., Salvatore, A., and Braithwaite, R. (Authorea, 2024). Optimizing human-controlled preference alignment in large language models via dense token masking: A methodological approach, Authorea."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Pang, H., and Li, C. (2024, January 28\u201329). A BERT and TextCNN Integration-Based Method for Public Complaints and Proposals Text Classification. Proceedings of the 8th International Conference on Computer Science and Application Engineering, Shanghai, China.","DOI":"10.1145\/3704814.3704819"},{"key":"ref_41","unstructured":"He, P., Liu, X., Gao, J., and Chen, W. (2020). Deberta: Decoding-enhanced bert with disentangled attention. arXiv."},{"key":"ref_42","unstructured":"Lan, Z. (2019). Albert: A lite bert for self-supervised learning of language representations. arXiv."},{"key":"ref_43","unstructured":"Liu, Y. (2019). Roberta: A robustly optimized bert pretraining approach. arXiv."}],"container-title":["Information"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2078-2489\/16\/9\/779\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T18:41:49Z","timestamp":1760035309000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2078-2489\/16\/9\/779"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,8]]},"references-count":43,"journal-issue":{"issue":"9","published-online":{"date-parts":[[2025,9]]}},"alternative-id":["info16090779"],"URL":"https:\/\/doi.org\/10.3390\/info16090779","relation":{},"ISSN":["2078-2489"],"issn-type":[{"value":"2078-2489","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,9,8]]}}}