Extraction of Natural Language Requirements from Breach Reports Using Event Inference

We address the problem of extracting useful information contained in security and privacy breach reports. A breach report tells a short story describing how a breach happened and the follow-up remedial actions taken by the responsible parties. By predicting sentences that may follow a breach description using natural language processing, our goal is to suggest security and privacy requirements for practitioners and end users that can be used to prevent and recover from such breaches. We prepare a curated dataset of structured short breach stories using unstructured breach reports published by the U.S. Department of Health and Human Services. We propose a prediction model for inferring held-out sentences based on Paragraph Vector, a document embedding method, and Long Short-Term Memory networks. The predicted sentences can suggest natural language requirements. We evaluate our model on the curated dataset as well as the ROCStories corpus, a collection of five-sentence commonsense stories, and find that the presented model performs significantly better than the baseline of using average word vectors.