In recent years, the frequent outbreak of information security incidents caused by information security vulnerabilities has brought huge losses to countries and enterprises. Therefore, the research related to information security vulnerability has attracted many scholars, especially the research on the identification of information security vulnerabilities. Although some organizations have established information description databases for information security vulnerabilities, the differences in their descriptions and understandings of vulnerabilities have increased the difficulty of information security precautions. This paper studies the construction of a security vulnerability identification system, summarizes the system requirements, and establishes a vulnerability text classifier based on machine learning. It introduces the word segmentation, feature extraction, classification, and verification processing of vulnerability description text. The contribution of this paper is mainly in two aspects: One is to standardize the unified description of vulnerability information, which lays a solid foundation for vulnerability analysis. The other is to explore the research methods of a vulnerability identification system for information security and establish a vulnerability text classifier based on machine learning, which can provide reference for the research of similar systems in the future.

中文翻译：

---

基于机器学习的安全漏洞识别系统的构建

近年来，由信息安全漏洞引起的信息安全事件频发，给国家和企业带来了巨大损失。因此，有关信息安全漏洞的研究吸引了许多学者，尤其是关于信息安全漏洞识别的研究。尽管一些组织已经建立了针对信息安全漏洞的信息描述数据库，但是其描述和对漏洞的理解上的差异增加了信息安全预防措施的难度。本文研究了安全漏洞识别系统的构建，总结了系统要求，并建立了基于机器学习的漏洞文本分类器。它介绍了分词，漏洞描述文本的特征提取，分类和验证处理。本文的贡献主要体现在两个方面：一是规范漏洞信息的统一描述，为漏洞分析奠定了坚实的基础。二是探索信息安全漏洞识别系统的研究方法，建立基于机器学习的漏洞文本分类器，为今后类似系统的研究提供参考。