Automatic Classification of Vulnerabilities Based on CNN and Text Semantics

被引：0

作者：

Qu L.-Y. ^{[1
]}

Jia Y.-Z. ^{[1
]}

Hao Y.-L. ^{[1
]}

机构：

[1] China Information Technology Security Evaluation Center, Beijing

来源：

Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology | 2019年 / 39卷 / 07期

关键词：

China national vulnerability database of information security; Convoputional nered network; Vulnerability classification;

D O I：

10.15918/j.tbit1001-0645.2019.07.013

中图分类号：

学科分类号：

摘要：

Vulnerability classification technology is an important basis in information security vulnerability research, and is also an important means for effective management and control of vulnerability resources. In order to solve the problem of large-scale classification of vulnerabilities, an automatic vulnerability classification method was proposed based on convolutional neural network. Referring to the thought of deep learning, relevant local features of vulnerability description were acquired automatically, and the unstable problem of text training was solved through batchnorm normalized data, so as to realize the effective classification of vulnerabilities. Experiments show that compared with the traditional method, the efficiency of automatic classification of vulnerabilities can be improved to a certain degree with the proposed method. © 2019, Editorial Department of Transaction of Beijing Institute of Technology. All right reserved.

引用

页码：738 / 742

页数：4

共 13 条

[1] Information security technology security vulnerability identification and description specifications, (2012)
[2] China national vulnerability database of information security
[3] Wei S., He T., Hu C., Et al., Predicting software security vulnerabilities with component dependency graphs, Transactions of Beijing Institute of Technology, 38, 5, pp. 525-530, (2018)
[4] Conneau A., Schwenk H., Barrault L., Et al., Very deep convolutional networks for text classification, Proceedings of the 15 Th Conference of the European Chapter of the Association for Computational Linguisticss, 1, pp. 1107-1116, (2017)
[5] Du C., Huang L., Sentiment analysis with piecewise convolution neural network, Computer Engineering and Science, 39, 1, pp. 173-179, (2017)
[6] Li Y.L., An approach towards standardising vulnerability categories, (2007)
[7] Chen Z.Q., Zhang Y., Chen Z.R., A categorization framework for common vulnerabilities and exposures, The Computer Journal, 53, 5, pp. 551-580, (2010)
[8] Liao X., Wang Y., Fan X., Et al., National securityvulnerability database classification based on an LDA topic model, Tsinghua Univ(Sci& Tech), 10, pp. 1351-1355, (2012)
[9] Li Y., Hao Z., Lei H., Survey of convolutional neural network, Journal of Computer Applications, 36, 9, pp. 2508-2515, (2016)
[10] Chen P., Guo W., Document topic categorization combining latent topic information and convolutional semantic features, Journal of Signal Processing, 33, 8, pp. 1090-1096, (2017)

← 1 2 →