Abstract
In this paper, we focus on the need to mine the relevance between computer security vulnerabilities and propose an automatic vulnerability classification method based on that relevance. Building on the theory of privilege elevation, we define five privilege levels and use the concepts of Prerequisite Privilege (PRE) and Result Privilege (RES) of each vulnerability to describe how an attacker's privilege changes when that vulnerability is exploited. We design two classifiers, one based on TF-IDF and the other on Naive Bayes theory, that automatically determine the PRE and RES of each vulnerability after being trained on more than 7000 training samples. Finally, we fuse these two classifiers, and experimental results on Linux vulnerability data show that the method has high accuracy and efficiency. Using this method, we successfully identify the category of each new vulnerability and analyze the relevance between different vulnerabilities.
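To make the abstract's pipeline concrete, the following Python is an added illustration and is not the authors' code: it names five privilege levels (the paper states five but this page does not name them, so the names are assumed), trains a TF-IDF centroid classifier and a multinomial Naive Bayes classifier on a small constructed corpus of vulnerability descriptions labelled with PRE and RES, fuses them by averaging their normalised score distributions (a simplification; the paper's fusion rule is not given on this page), and then applies an assumed relevance rule: vulnerability A is relevant to vulnerability B if the RES gained from A is at least the PRE that B requires.

```python
import math
import re
from collections import Counter, defaultdict

# Assumed names for the five privilege levels, ordered weakest to strongest
# (the paper defines five levels; their names are not on this page).
LEVELS = ["none", "remote", "user", "admin", "root"]

# Constructed training corpus: (description, PRE, RES). A real system would
# train on thousands of labelled advisory descriptions.
TRAIN = [
    ("remote unauthenticated attacker sends crafted packet to daemon to execute arbitrary code as root", "none", "root"),
    ("remote attacker bypasses authentication in web login page and gains user account access", "none", "user"),
    ("local user exploits setuid binary buffer overflow to gain root privileges", "user", "root"),
    ("local user modifies world writable config file to escalate to admin group", "user", "admin"),
    ("authenticated remote user uploads file with path traversal to run commands as web user", "remote", "user"),
    ("admin can abuse sudo rule to obtain root shell", "admin", "root"),
    ("remote attacker crashes service with malformed request causing denial of service", "none", "none"),
    ("unprivileged local user reads kernel memory via race condition to obtain root", "user", "root"),
]

def tokenize(text):
    return re.findall(r"[a-z0-9]+", text.lower())

class TfidfCentroid:
    """TF-IDF classifier: score is the cosine similarity to each class centroid."""
    def __init__(self, docs, labels):
        n = len(docs)
        df = Counter(t for d in docs for t in set(tokenize(d)))
        self.idf = {t: math.log((1 + n) / (1 + c)) + 1 for t, c in df.items()}
        self.centroids = defaultdict(Counter)
        for d, y in zip(docs, labels):
            for t, w in self.vector(d).items():
                self.centroids[y][t] += w

    def vector(self, text):
        tf = Counter(tokenize(text))
        return {t: c * self.idf.get(t, 1.0) for t, c in tf.items()}

    def scores(self, text):
        v = self.vector(text)
        nv = math.sqrt(sum(x * x for x in v.values())) or 1.0
        out = {}
        for y, c in self.centroids.items():
            nc = math.sqrt(sum(x * x for x in c.values())) or 1.0
            out[y] = sum(v[t] * c[t] for t in v if t in c) / (nv * nc)
        return out

class NaiveBayes:
    """Multinomial Naive Bayes with Laplace smoothing; score is a log-probability."""
    def __init__(self, docs, labels):
        self.prior = Counter(labels)
        self.counts = defaultdict(Counter)
        self.vocab = set()
        for d, y in zip(docs, labels):
            toks = tokenize(d)
            self.counts[y].update(toks)
            self.vocab.update(toks)
        self.n = len(docs)

    def scores(self, text):
        toks = tokenize(text)
        V = len(self.vocab)
        out = {}
        for y, p in self.prior.items():
            total = sum(self.counts[y].values())
            lp = math.log(p / self.n)
            for t in toks:
                lp += math.log((self.counts[y][t] + 1) / (total + V))
            out[y] = lp
        return out

def normalise(scores, log_space):
    """Turn cosine scores or log-probabilities into a distribution over classes."""
    if log_space:
        m = max(scores.values())
        raw = {y: math.exp(s - m) for y, s in scores.items()}
    else:
        raw = {y: max(s, 0.0) for y, s in scores.items()}
    z = sum(raw.values()) or 1.0
    return {y: v / z for y, v in raw.items()}

class FusedClassifier:
    """Assumed fusion rule: average the two classifiers' normalised distributions."""
    def __init__(self, docs, labels):
        self.tfidf = TfidfCentroid(docs, labels)
        self.nb = NaiveBayes(docs, labels)

    def predict(self, text):
        a = normalise(self.tfidf.scores(text), log_space=False)
        b = normalise(self.nb.scores(text), log_space=True)
        fused = {y: (a.get(y, 0.0) + b.get(y, 0.0)) / 2 for y in set(a) | set(b)}
        return max(fused, key=fused.get)

DOCS = [d for d, _, _ in TRAIN]
PRE_CLF = FusedClassifier(DOCS, [p for _, p, _ in TRAIN])
RES_CLF = FusedClassifier(DOCS, [r for _, _, r in TRAIN])

def classify(description):
    """Return the (PRE, RES) privilege levels predicted for a new description."""
    return PRE_CLF.predict(description), RES_CLF.predict(description)

def can_chain(first, second):
    """Assumed relevance rule: exploiting `first` yields at least the privilege
    `second` requires, so the two vulnerabilities can be linked in an attack path."""
    _, res_a = classify(first)
    pre_b, _ = classify(second)
    return LEVELS.index(res_a) >= LEVELS.index(pre_b)

if __name__ == "__main__":
    new_vuln = "remote unauthenticated attacker sends crafted packet to execute arbitrary code as root"
    print(classify(new_vuln))
```

The relevance check is what turns per-vulnerability labels into something a defender can act on: ordering the levels lets an analyst see which lower-privilege vulnerabilities feed higher-privilege ones on the same host, and therefore which to patch first.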
Acknowledgments
This paper is partially supported by the Basic Scientific Research Program of the Chinese Ministry of Industry and Information Technology (Grant No. JCKY2016602B001) and the National Key R&D Program of China (Grant No. 2016YFB080000).
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Zhang, H., Lv, K., Hu, C. (2017). An Automatic Vulnerabilities Classification Method Based on Their Relevance. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds) Network and System Security. NSS 2017. Lecture Notes in Computer Science, vol. 10394. Springer, Cham. https://doi.org/10.1007/978-3-319-64701-2_35
DOI: https://doi.org/10.1007/978-3-319-64701-2_35
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64700-5
Online ISBN: 978-3-319-64701-2
eBook Packages: Computer Science (R0)