| The classification and assessment for information security vulnerability is a hotspot in information security research.An effective and Scientific method to classify and evaluate the information security vulnerabilities can identify the categories of vulnerabilities and the rank of hazard assessment in time,which can not only help enhance the understanding of vulnerability essence and explore the similarities in the same category of vulnerability,but also conduct vulnerabilities based on the results of the assessment.This research is of great significance for maintaining the security of military information system and promoting the effectiveness of military equipment.The major contributions of this paper include as follows:1.The paper focuses on the related theory of information security vulnerabilities in order to provide the academic guide for the classification and assessment.Basis of Information security vulnerabilities,vulnerability classification,vulnerability assessment and categories of vulnerabilities,we ascertained the data sources for classification and main idea of classification.Based on text classification and customized hazard assessment by vendor organizations,we can obtain the data sources for assessment and basic idea of it.2.The paper proposes the design of classifier based on vulnerability text information in order to determine the vulnerability category.A feature selection algorithm based on improved information gain has proposed to select an appropriate number of feature items for each category when we analyze candidate feature items from both in intra-class and inter-class perspectives.Then,the principle analysis of a variety of common text classifiers is present.According to the characteristics of the vulnerability text,select the initial classifier which is suitable for the classification of vulnerability,so as to complete the determination of the initial classifier.We also construct a binary tree multi-classification algorithm based on the maximum weighted class distance,to determine the classification decision order by comprehensive consideration of category differentiability and importance.So we can judge the vulnerability category by combining the initial classifier.3.The paper proposes the hazard assessment for information security vulnerability based on cloud model,aiming at calculating the vulnerability hazard rank and scores.First,we put forward the aim and criteria for assessment of information security vulnerability,analyze the factors that affect the degree of hazard and provide a process of hazard assessment for information security vulnerability based AHP and cloud model.Then,we hierarchically analyze the hazard degree and decompose it as vulnerability intrinsic value and vulnerability relevant value,while we also continue to decompose them into specific collecting assessment elements.In this way,we can obtain the importance evaluation of the elements by the elements quantification and the weight calculation.Then,we put forward the reverse cloud algorithm to generate a graded decision matrix,combined with the digital features of each element.Finally,we select the appropriate synthesis operator to synthetize the weight vector and graded decision matrix of the evaluation elements,and get the final hazard score and rank according to the cloud graph.4.We design the prototype system for classification and evaluation of information security vulnerability.Analyzing and evaluating the information security vulnerability in the specific application of this system,the structure function and workflow of the system are given.Meanwhile,the key modules are given and we test the system.The test results show that the system can determine the unknown vulnerability category and the hazard of vulnerability... |
PDF Full Text Request