A Vulnerability Analysis and Prediction Framework
Computers & Security (IF 5.6), Pub Date: 2020-05-01, DOI: 10.1016/j.cose.2020.101751
Mark A. Williams, Roberto Camacho Barranco, Sheikh Motahar Naim, Sumi Dey, M. Shahriar Hossain, Monika Akbar

Abstract As the world approaches a state of greater dependence on technology, many products face increasing threats from malicious attackers who are attempting to take advantage of vulnerabilities in software design. Most of the known vulnerability information is already aggregated, stored in text format, and readily accessible to the public, making such an aggregated database a prime corpus for analysis using data mining methods. Multiple research efforts have been launched in which individual aspects of such cyber-security corpora were analyzed to create taxonomies, assess vulnerability impact, and improve vulnerability detection. However, minimal effort has been committed to analyze cyber-security corpora to explore correlations between vulnerabilities, to study the evolution of a vulnerability from its genesis, and to predict vulnerabilities using multi-faceted algorithms. In this paper, we propose an integrated data mining framework to automatically describe how vulnerabilities develop over time and detect the evolution of a specific vulnerability. Additionally, our framework has a predictive functionality that can be used to predict specific vulnerabilities or to estimate future appearance probabilities of vulnerability groups. In our framework, we use (1) a Topically Supervised Evolution Model (TSEM) that can discover temporal themes from a text corpus, (2) a diffusion-based storytelling technique that sifts through past vulnerability reports to describe how a current vulnerability threat evolved, and (3) several prediction models that use features from a cyber-security corpus to predict vulnerabilities. A series of experiments demonstrate that the proposed framework can not only discover evolutionary patterns in today's most pressing vulnerabilities with a high degree of precision, but it can also predict vulnerabilities with impressive accuracy. 
As case studies, we also explore the development of vulnerabilities in certain products, providing a unique insight into the correspondence between seemingly unrelated vulnerabilities and the impact of that correspondence on overall software security.

Updated: 2020-05-01