Research on parallel vulnerabilities discovery based on open source database and text mining

摘要

For the question of information security vulnerabilities discovery, the parallel vulnerabilities discovery method is given based on the CAPEC, CWE, CVE and other open source database and text mining. Firstly, we can extract the association vulnerability CWE under the same attack mode, then from CWE associated with CVE based on open source database. That can help us to analyze the potential parallel relationship of the multiple vulnerabilities. Secondly, the vulnerability description information will be vectorized, so that the software system is able to intelligent processing to vulnerability data. That is different from the query based on keyword matching, analyzes the similarity between the multiple vulnerabilities according to the threshold from the training set, and computes the parallel relationship between the multiple vulnerabilities and discovery the parallel vulnerabilities. Finally, this method is correct and effective by the experimental verification and in practice. According to this method, we are able to repair other parallel vulnerabilities when finding a vulnerability is exploited. An advantage of our method is that is applied to network defense.