UVDA:design and implementation of automation fusion framework of heterogeneous security vulnerability database

Tao WEN; Yu-qing ZHANG; Qi-xu LIU; Gang YANG

Tongxin xuebao (Oct 2015)

UVDA:design and implementation of automation fusion framework of heterogeneous security vulnerability database

Tao WEN,
Yu-qing ZHANG,
Qi-xu LIU,
Gang YANG

Affiliations

Tao WEN
Yu-qing ZHANG
Qi-xu LIU
Gang YANG

Journal volume & issue: Vol. 36
pp. 235 – 244

Abstract

Read online

Security vulnerability was the core of network security.Vulnerability database was designed to collect,assess and publish vulnerability information.However,there was redundant and heterogeneous data in vulnerability database which leads to sharing difficulty of vulnerability information among vulnerability database.15 main vulnerability database with a total of 842 thousands of vulnerability data items were connected and analyzed.Based on text mining technology,a rule of removing duplicate form vulnerabilities whose accuracy rate was 94.4% and vulnerability database fusion framework(UVDA)were proposed.Finally,three representative vulnerability database were used to realize UVDA framework,which made the process fully automatic.The generated UVDA vulnerability database has been used in national security vulnerability database and can be retrieved according to uniform product version and date time,promoting the standardization process of vulnerability information release mechanism.

information security;data fusion;vulnerability database;text mining;UVDA

Published in Tongxin xuebao

ISSN: 1000-436X (Print)
Publisher: Editorial Department of Journal on Communications
Country of publisher: China
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Telecommunication
Website: http://www.infocomm-journal.com/txxb/EN/1000-436X/home.shtml

About the journal

Abstract

Keywords