Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Parallel vulnerability mining method based on open source library and text mining

A vulnerability mining and text mining technology, applied in special data processing applications, instruments, electrical digital data processing, etc., can solve problems such as increased economic losses and increased harm

Active Publication Date: 2014-11-26
CHINA INFORMATION TECH SECURITY EVALUATION CENT
View PDF3 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At the same time, the economic losses caused by Internet information security issues have increased significantly, and the harm caused has also increased significantly.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Parallel vulnerability mining method based on open source library and text mining
  • Parallel vulnerability mining method based on open source library and text mining
  • Parallel vulnerability mining method based on open source library and text mining

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The present invention is further described as follows in conjunction with accompanying drawings and embodiments.

[0045] figure 1 It is a flowchart of the present invention, illustrating an embodiment of parallel vulnerability discovery. The parallel vulnerability discovery begins with obtaining and preprocessing vulnerability data. The second step is to extract the vulnerability set. The third step is the vectorization of vulnerability information. The fourth step is to use the training set to obtain the threshold. The fifth step is to obtain parallel vulnerability results.

[0046] figure 2 for figure 1 The flow chart of data acquisition and preprocessing in the figure illustrates an embodiment of how to acquire vulnerability data and perform preprocessing. The process starts with obtaining data from two public data sources (MITRE and CVSS), and then enters the original data into the system, operates in a unified format, and forms four data sets (CAPEC, CWE, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a parallel vulnerability mining method based on an open source library and test mining, and belongs to the technical field of computer information safety. The parallel vulnerability mining method comprises the steps that vulnerability data are obtained from the open source library and pre-processed, a vulnerability set is extracted, text vectorization is conducted, the threshold is calculated and parallel vulnerabilities are discovered. The parallel vulnerability mining method has the advantages that on the basis of the open source library, relevant vulnerability information in the same attack mode is extracted, and therefore potential parallel relationships between the vulnerabilities can be analyzed conveniently; text description information of the vulnerabilities are vectorized, and therefore a computer system can conduct intelligent processing on vulnerability recording data conveniently; the method differs from query on the basis of keyword matching in that the similarity between the vulnerabilities is studied according to the threshold obtained through a training set; the parallel relationships between the vulnerabilities can be calculated, so that when it is found that one vulnerability is utilized, the other parallel vulnerabilities are made up rapidly, therefore, the vulnerability of a whole network is made up, the defense capacity is enhanced and great significance for information safety is achieved.

Description

technical field [0001] The invention belongs to the technical field of computer information security. Specifically, the present invention relates to a parallel vulnerability mining method based on open source library and text mining. Background technique [0002] With the continuous popularization and rapid development of the Internet, people are increasingly using and relying on the Internet. At the same time, the economic losses caused by Internet information security issues have increased significantly, and the harm caused has also increased significantly. Vulnerabilities in various software and operating systems provide conditions for hackers to launch cyber attacks, steal user information, and even destroy industrial infrastructure. For this reason, all countries in the world spare no effort to study effective methods to prevent hidden dangers in the network. [0003] Since 1996, information security experts have begun to summarize and summarize Internet attack patte...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F17/30
CPCG06F21/577
Inventor 赵向辉刘林刘晖易锦陈海强张磊姚原岗李维杰偰赓刘彦钊
Owner CHINA INFORMATION TECH SECURITY EVALUATION CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com