Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Unknown vulnerability risk assessment method based on text analysis

A technology of unknown vulnerability and text analysis, applied in the field of network unknown vulnerability risk assessment, which can solve problems such as assessing vulnerabilities

Inactive Publication Date: 2020-12-04
江苏开博科技有限公司
View PDF4 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there is little research work on the use of text analysis to assess the risk level of vulnerabilities

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Unknown vulnerability risk assessment method based on text analysis
  • Unknown vulnerability risk assessment method based on text analysis
  • Unknown vulnerability risk assessment method based on text analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] The present invention is described in further detail now in conjunction with accompanying drawing.

[0041] Such as figure 1 Shown, the present invention a kind of unknown vulnerability risk assessment method based on text analysis, comprises the following steps:

[0042] Step 1: Take the National Vulnerability Database, NVD as the sample data source to obtain the existing vulnerability text description;

[0043] Step 2: Perform text analysis on the sample vulnerability text description, and extract the vector matrix, specifically:

[0044] 2.1: Use the natural language processing tool jieba to segment the text;

[0045] 2.2: Remove punctuation marks and stop words;

[0046] 2.3: Use natural language processing tools to extract stem parts and remove invalid parts;

[0047] 2.4: Use the term frequency-inverse document frequency TF-IDF (term frequency-inverse document frequency) method to establish a keyword vector matrix, specifically:

[0048] 2.4.1: Calculate word...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an unknown vulnerability risk assessment method based on text analysis, and belongs to the technical field of network unknown vulnerability risk assessment, and the method comprises the steps: taking an American national vulnerability database and an NVD as sample data sources, and obtaining an existing vulnerability text description; performing text analysis on the samplevulnerability text description, and extracting a vector matrix; establishing a classification model by utilizing the extracted vector matrix and the corresponding CVSS score; and when risk assessmentis carried out on any vulnerability which is not scored, carrying out the step 2 firstly to obtain a corresponding vector matrix, and then inputting the corresponding vector matrix into the classification model obtained in the step 3 to obtain a vulnerability risk level. For vulnerabilities which do not exist in an existing vulnerability library, the risk levels of the vulnerabilities are automatically evaluated according to the vulnerability text description of the vulnerabilities, and the method is not limited to vulnerability library data any more. The automatic risk level assessment is helpful for the computer user to determine the severity of the vulnerability according to the vulnerability description, and provides a basis for the processing and sorting of the user.

Description

technical field [0001] The invention relates to a text analysis-based unknown vulnerability risk assessment method, which belongs to the technical field of network unknown vulnerability risk assessment. Background technique [0002] In recent years, the number of security vulnerabilities in information systems has grown exponentially. The corresponding security vulnerability threat assessment system can rank the vulnerabilities according to their own attributes and threat severity differences, so as to prioritize the more destructive security vulnerabilities and reduce the vulnerability threats. The risk of energy loss is minimized. [0003] Security experts and scholars at home and abroad have explored and studied the risk assessment methods of system security vulnerabilities from qualitative, quantitative, and qualitative and quantitative perspectives. However, there is little research work on the use of text analysis to assess the risk level of vulnerabilities. Content...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F40/216G06F40/289G06K9/62G06N3/04G06N3/08
CPCG06F21/577G06F40/216G06F40/289G06N3/08G06N3/045G06F18/2415
Inventor 孟军
Owner 江苏开博科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products