Abstract
Research on network vulnerability analysis and management has gained increased attention during the last decade, since many studies have shown that a combination of exploits is the typical means of compromising a network system. This paper presents an intelligent method for analyzing and classifying vulnerabilities based on text mining technology. The proposed mechanism can automatically classify vulnerabilities into different predefined categories and extract valuable information from abundant vulnerability texts. A series of experiments on 1060 vulnerabilities newly reported by CERT in the last three years is performed to demonstrate the efficiency of this mechanism. The results generated by this study can be applied to detecting multistage attacks, correlating intrusion alerts, and generating attack graphs.
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liu, C., Li, J., Chen, X. (2012). Network Vulnerability Analysis Using Text Mining. In: Pan, JS., Chen, SM., Nguyen, N.T. (eds) Intelligent Information and Database Systems. ACIIDS 2012. Lecture Notes in Computer Science, vol 7197. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28490-8_29
DOI: https://doi.org/10.1007/978-3-642-28490-8_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28489-2
Online ISBN: 978-3-642-28490-8
eBook Packages: Computer Science, Computer Science (R0)