Vulnerability Automatic Classification Method Supporting Vulnerability Correlation Mining

A technology of automatic classification and correlation, applied in the field of information security, which can solve the problems of non-mutual exclusion between classes, vague concepts, and no specific characteristics clearly pointed out.

Active Publication Date: 2019-08-06
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The current vulnerability classification mainly includes the Unix operating system classification method proposed by Aslam of Purdue University’s COAST Laboratory, which is divided into operational failure, environmental failure and coding failure. However, due to the lack of specific quantitative indicators, it is impossible to evaluate the harm level of vulnerabilities; The software vulnerability classification method proposed by Wang Lidong of Harbin Institute of Technology describes the impact of vulnerabilities on security such as confidentiality, integrity, and availability. The generalized classification method proposed by Knight et al. There are four types of vulnerabilities. Due to a certain degree of conceptual ambiguity, there is no mutual exclusion between classes
[0005] The above classification methods all analyze the vulnerability as a single defect. Zhang Yongzheng emphasized the correlation between the vulnerabilities, and proposed that the premise of judging the relevance of the vulnerability is that the vulnerability can be accurately determined according to the "premise privilege set" and "result privilege set". Classification, implements a novel multi-dimensional quantitative attribute vulnerability classification method that supports correlation mining, but does not clearly point out the specific characteristics of each category, and cannot be automatically classified

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability Automatic Classification Method Supporting Vulnerability Correlation Mining
  • Vulnerability Automatic Classification Method Supporting Vulnerability Correlation Mining
  • Vulnerability Automatic Classification Method Supporting Vulnerability Correlation Mining

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0078] The technical solution of the present invention will be described in detail below in conjunction with the drawings and embodiments.

[0079] Using the vulnerability automatic classification method that supports vulnerability association mining proposed by the present invention to classify vulnerabilities and obtain the operation process of the association relationship between vulnerabilities is as follows: figure 1 As shown, the specific steps are:

[0080] Step 1: Build a vulnerability database, download the 2010-2016 vulnerability data from the National Vulnerability Database (NVD), select the vulnerability data under Linux and filter the fields and import it into the local database.

[0081] The fields of the local vulnerability database are shown in Table 1.

[0082] Table 1 Vulnerability database field table

[0083]

[0084]

[0085] Step 2: Determine the privilege set category.

[0086] The categories of privilege sets include: system administrator privilege set, common sy...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a vulnerability automatic classification method supporting vulnerability correlation mining, which belongs to the technical field of information security. The specific operation is as follows: Step 1: Build a vulnerability database and collect vulnerability records. Step 2. Determine the privilege set category. Step 3, train the classifier. Step four, test data. Compared with the existing methods, the vulnerability automatic classification method proposed by the present invention, which supports vulnerability correlation mining, has the following advantages: ① the vulnerability classification result is suitable for vulnerability correlation mining; Obvious; ③ Realize automatic classification of vulnerabilities, improve classification efficiency, and save labor costs.

Description

Technical field [0001] The invention relates to a method for automatically classifying vulnerabilities supporting vulnerabilities association mining, and belongs to the technical field of information security. Background technique [0002] Network security vulnerability refers to the existence of certain security vulnerabilities in the computer system that may be exploited by malicious subjects (attackers or attack programs), which may cause unauthorized access to system resources or cause other damage to the system. In recent years, mature vulnerability scanning technology and CVE (Common Vulnerabilities & Exposures) standards and Common Vulnerability Scoring System (CVSS) vulnerability rating methods have gradually developed, which can detect and discover vulnerabilities in the network, But it is impossible to analyze the correlation and mutual utilization of the vulnerabilities. The attack method in cyber risk is often through the related vulnerabilities, cut from one vulnera...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06K9/62
CPCG06F21/577G06F2221/034G06F18/214
Inventor 胡昌振张皓吕坤
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products