{"title":"IFVD: Design of Intelligent Fusion Framework for Vulnerability Data Based on Text Measures","authors":"Rui-Yi Li, Shichong Tan, Chensi Wu, Xudong Cao, Haitao He, Wenjie Wang","doi":"10.1109/ICCCN49398.2020.9209726","DOIUrl":null,"url":null,"abstract":"Security vulnerability database research is an essential part of information security research. With the sharp increase in the number of vulnerabilities in recent years, it has become increasingly important to collect and organize information about existing vulnerability databases. However, there is heterogeneity and redundancy of data between the databases, which makes it challenging to share vulnerability information. In response to the above problems, a comprehensive security vulnerability collection model is proposed. A total of 1.005 million pieces of vulnerability data are collected and analyzed in 11 mainstream vulnerability databases. By introducing the idea of the collection of automation, problems such as the untimely update of vulnerability database information and the low efficiency of vulnerability collection, are solved effectively. The structural framework and functional modules of the automatic vulnerability collection system are introduced, and the specific implementation of the system is given. Based on the text processing technology, the rules of deduplication (95.6% accuracy) and the intelligent framework for vulnerability database (IFVD) are proposed and implemented. Finally, Experiments show the feasibility of the scheme.","PeriodicalId":137835,"journal":{"name":"2020 29th International Conference on Computer Communications and Networks (ICCCN)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 29th International Conference on Computer Communications and Networks (ICCCN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCN49398.2020.9209726","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Security vulnerability database research is an essential part of information security research. With the sharp increase in the number of vulnerabilities in recent years, it has become increasingly important to collect and organize information about existing vulnerability databases. However, there is heterogeneity and redundancy of data between the databases, which makes it challenging to share vulnerability information. In response to the above problems, a comprehensive security vulnerability collection model is proposed. A total of 1.005 million pieces of vulnerability data are collected and analyzed in 11 mainstream vulnerability databases. By introducing the idea of the collection of automation, problems such as the untimely update of vulnerability database information and the low efficiency of vulnerability collection, are solved effectively. The structural framework and functional modules of the automatic vulnerability collection system are introduced, and the specific implementation of the system is given. Based on the text processing technology, the rules of deduplication (95.6% accuracy) and the intelligent framework for vulnerability database (IFVD) are proposed and implemented. Finally, Experiments show the feasibility of the scheme.