Software vulnerability availability prediction method based on knowledge graph
A software vulnerability and knowledge graph technology, applied in the field of software vulnerability exploitability prediction based on knowledge graph, can solve problems such as poor prediction effect, failure to consider deep semantic information, low accuracy rate, etc., to achieve high accuracy, excellent general The effects of culturalization ability and strong semantic representation ability
Pending Publication Date: 2022-06-28
STATE GRID ZHEJIANG ELECTRIC POWER CO LTD JINHUA POWER SUPPLY CO
View PDF0 Cites 4 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, there are methods for predicting the exploitability of software vulnerabilities in the prior art. The existing prediction methods can predict the exploitability of software vulnerabilities to a certain extent, but this type of method only considers the word frequency and other information in the vulnerability description text, and does not Considering the deep semantic information between words, there are still problems such as poor prediction effect and low accuracy
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment
[0029] A software vulnerability exploitability prediction method based on knowledge graph, such as figure 1 shown, including the following steps:
[0030] Step 1: Collect the software vulnerability database data, obtain the vulnerability description text according to the software vulnerability database data, preprocess the vulnerability description text, extract entities, entity attributes, and relationships between entities from the vulnerability description text, and extract the entities according to the extracted entities. , entity attributes and relationships between entities to build a software vulnerability knowledge graph;
[0031] In step 2, experts revise the obtained software vulnerability knowledge graph, and store the revised software vulnerability knowledge graph in the form of a graph database;
[0032] Step 3: Build a software vulnerability exploitability prediction model, perform graph embedding processing on the stored software vulnerability knowledge graph, ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides a software vulnerability availability prediction method based on a knowledge graph, and the method specifically comprises the steps: obtaining a vulnerability description text according to the data of a software vulnerability library, extracting entities, entity attributes and relationships among the entities from the vulnerability description text, constructing a software vulnerability knowledge graph, and then carrying out the expert revision of the knowledge graph; constructing a software vulnerability availability prediction model, performing graph embedding processing on the software vulnerability knowledge graph revised by the expert, constructing a training set according to the graph embedding processing, and training the software vulnerability availability prediction model; and obtaining a to-be-predicted software vulnerability description text, obtaining entities, entity attributes and relationships among the entities of the to-be-predicted software vulnerability description text, inputting the to-be-predicted software vulnerability description text into the software vulnerability availability prediction model, and outputting a corresponding software vulnerability availability prediction result by the software vulnerability availability prediction model. According to the method, the accuracy of predicating the availability of the software vulnerability of the known data set is high, and the generalization ability is very excellent.
Description
technical field [0001] The invention relates to the technical field of network security, in particular to a software vulnerability exploitability prediction method based on a knowledge graph. Background technique [0002] The existence of software vulnerabilities makes the operation of computer information systems have many security risks. In the current Internet environment, security issues are particularly important. For the numerous software vulnerabilities published every day, it is a key and difficult problem how the computer information system operation and maintenance personnel perform vulnerability maintenance and optimization for the published software vulnerabilities. Among these published software vulnerabilities, not all software vulnerabilities can be exploited to commit illegal acts. Information system operation and maintenance personnel can screen software vulnerabilities that can be exploited, and prioritize them, thereby effectively reducing network problems...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06N5/02G06F40/295
CPCG06F21/577G06N5/022G06F40/295
Inventor 郭瑜郑建新倪旭明张波金旭厉立锋胡航余侃张俊吴哲翔王斌李凌
Owner STATE GRID ZHEJIANG ELECTRIC POWER CO LTD JINHUA POWER SUPPLY CO