Research on parallel vulnerabilities discovery based on open source database and text mining
To address the problem of discovering information security vulnerabilities, this paper presents a parallel vulnerability discovery method based on CAPEC, CWE, CVE and other open source databases and on text mining. First, the CWE weaknesses associated with the same attack pattern are extracted, and then the CVE entries associated with those CWEs are obtained from the open source databases, which helps to analyze the potential parallel relationships among multiple vulnerabilities. Second, the vulnerability description information is vectorized so that the software system can process vulnerability data intelligently. Unlike a query based on keyword matching, the method analyzes the similarity between multiple vulnerabilities against a threshold obtained from the training set, then computes the parallel relationships between them and discovers the parallel vulnerabilities. Finally, experimental validation and practice show that the method is correct and effective. With this method, other parallel vulnerabilities can be repaired when one vulnerability is found to be exploited. The method has high application value for network defense.
Keywords: text mining; vulnerability discovery; vulnerability correlation; parallel vulnerabilities
ZHAO Xianghui, PENG Yong, ZHAI Zan, Jin Yi, YAO Yuangang
China Information Technology Security Evaluation Center, Beijing 100085, China; Chongqing Public Security Bureau, Chongqing 401147, China
Domestic conference
Wuhan
English
603-612
2015-05-26 (date first posted online on the Wanfang platform; not the paper's publication date)
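
The two stages the abstract describes (collecting CVE candidates through the CWEs of one attack pattern, then comparing vectorized descriptions against a threshold) can be sketched as follows. This is an added example, not the authors' code: the identifiers and descriptions are constructed placeholders, TF-IDF with cosine similarity is an assumed vectorization, and the threshold is an assumed value rather than one learned from a training set.

```python
import math
import re
from collections import Counter
from itertools import combinations

# Constructed sample data (placeholder ids, not real CAPEC/CWE/CVE entries).
CAPEC_TO_CWE = {"CAPEC-EX-1": ["CWE-EX-A", "CWE-EX-B"]}
CWE_TO_CVE = {
    "CWE-EX-A": ["CVE-EX-0001", "CVE-EX-0002"],
    "CWE-EX-B": ["CVE-EX-0003", "CVE-EX-0004"],
}
CVE_DESC = {
    "CVE-EX-0001": "SQL injection in login form allows remote attackers to execute arbitrary SQL commands via the username parameter",
    "CVE-EX-0002": "SQL injection in search page allows remote attackers to execute arbitrary SQL commands via the query parameter",
    "CVE-EX-0003": "Improper input validation in report module allows remote attackers to execute arbitrary SQL commands via the id parameter",
    "CVE-EX-0004": "Buffer overflow in image parser causes denial of service through a crafted file",
}
THRESHOLD = 0.4  # assumed value; the paper derives its threshold from a training set

def candidates(capec_id):
    """Stage 1: CVEs reachable from one attack pattern via its CWEs."""
    return sorted({cve for cwe in CAPEC_TO_CWE.get(capec_id, [])
                   for cve in CWE_TO_CVE.get(cwe, [])})

def tfidf_vectors(docs):
    """Stage 2a: turn each description into a sparse TF-IDF vector."""
    tokens = {k: re.findall(r"[a-z]+", v.lower()) for k, v in docs.items()}
    df = Counter(t for toks in tokens.values() for t in set(toks))
    n = len(docs)
    return {k: {t: c * (math.log((1 + n) / (1 + df[t])) + 1)
                for t, c in Counter(toks).items()}
            for k, toks in tokens.items()}

def cosine(a, b):
    """Cosine similarity of two sparse vectors stored as dicts."""
    dot = sum(w * b.get(t, 0.0) for t, w in a.items())
    norm = math.sqrt(sum(w * w for w in a.values())) * math.sqrt(sum(w * w for w in b.values()))
    return dot / norm if norm else 0.0

def parallel_pairs(capec_id, threshold=THRESHOLD):
    """Stage 2b: candidate pairs whose description similarity meets the threshold."""
    ids = candidates(capec_id)
    vecs = tfidf_vectors({i: CVE_DESC[i] for i in ids})
    scored = ((a, b, cosine(vecs[a], vecs[b])) for a, b in combinations(ids, 2))
    return [(a, b, round(s, 3)) for a, b, s in scored if s >= threshold]

if __name__ == "__main__":
    for a, b, s in parallel_pairs("CAPEC-EX-1"):
        print(a, b, s)
```

With the constructed data, the entry filed under the second CWE but describing the same flaw is paired with the first two, while the unrelated entry under that CWE is not, which is the distinction a keyword-free similarity measure is meant to draw.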