Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A software vulnerability automatic classification method based on a deep neural network

A deep neural network and software vulnerability technology, applied in the field of computer software security, can solve the problems of inaccuracy of software vulnerability classification, less vulnerability description information, ignoring vulnerability information, etc., to achieve good performance, good dimensionality reduction effect, and good accuracy Effect

Active Publication Date: 2019-06-14
秦皇岛百维科技股份有限公司
View PDF8 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, due to the large number and types of software vulnerabilities, the description information of each vulnerability is relatively small, so that each vulnerability presents the characteristics of high dimensionality and sparseness in the generated word vector space
These automatic vulnerability classification methods based on machine learning algorithms are not very effective in dealing with high-dimensional and sparse problems, and ignore specific vulnerability information, which makes the accuracy of software vulnerability classification not high.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A software vulnerability automatic classification method based on a deep neural network
  • A software vulnerability automatic classification method based on a deep neural network
  • A software vulnerability automatic classification method based on a deep neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] The invention is aimed at the automatic classification of software vulnerabilities, and is mainly divided into five parts: data preprocessing, feature word set acquisition, word vector space generation, DNN model construction and vulnerability classification. The detailed algorithm framework and flow chart are as follows: figure 1 Shown:

[0049] Data preprocessing, feature word set acquisition, word vector space generation, DNN model building and vulnerability classification are introduced in detail as follows:

[0050] 1) Data preprocessing

[0051] (1) Segment the vulnerability description information

[0052] The vulnerability description information set includes multiple pieces of vulnerability description information. Word segmentation refers to dividing the coherent vulnerability description information into words one by one, that is, converting the entire vulnerability description information into the smallest semantic unit that can be counted through statisti...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a software vulnerability automatic classification method based on a deep neural network. The method comprises the steps of S1, preprocessing the vulnerability information to form a word set list; S2, calculating the weight of each word in the sample vulnerability description information set by using a TF-IDF algorithm and an IG algorithm to obtain an important feature word set list; S3, generating the word vector space according to the important feature word set list, expressing each piece of vulnerability description information as an m-dimensional vector, wherein m isthe number of feature words in the important feature word set; S4, obtaining a software vulnerability classifier by using the DNN model; and S5, classifying the new vulnerability description information set. According to the method, an automatic deep neural network vulnerability classification model is constructed based on a TF-IDF algorithm and an IG algorithm; the dimension of the high-dimensional word vector space is reduced, the method can adapt to continuously updated software vulnerability data sets, the high dimension and sparsity of the word vector space are effectively processed, andthe better performance is shown in multi-dimensional evaluation indexes such as the accuracy rate, the recall rate and the precision.

Description

technical field [0001] The invention belongs to the field of computer software security, and in particular relates to a method for automatically classifying software vulnerabilities based on a deep neural network. Background technique [0002] With the rapid development of information technology, the application of the Internet and computers has brought great convenience to all walks of life, but also brought huge risks and hidden dangers. In recent years, with the improvement of informatization in various industries, information security issues have become increasingly prominent. Vulnerability refers to the software and hardware defects of the system, which can be illegally exploited by unauthorized personnel. Once the loopholes of the information system are exploited by malicious attacks, the security of the information system will be at great risk, which may cause immeasurable consequences. In recent years, the types and numbers of vulnerabilities have gradually increas...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57G06F17/27G06N3/04G06N3/08
Inventor 任家东王倩李亚洲胡昌振
Owner 秦皇岛百维科技股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com