基于熵的二叉树多类支持向量机的漏洞分类

doi:10.11772/j.issn.1001-9081.2014.11.3283

计算机应用 ›› 2014, Vol. 34 ›› Issue (11): 3283-3286.DOI: 10.11772/j.issn.1001-9081.2014.11.3283

基于熵的二叉树多类支持向量机的漏洞分类

张鹏,谢晓尧

贵州省信息与计算科学重点实验室(贵州师范大学),贵阳 550001

收稿日期:2014-05-26 修回日期:2014-06-26 出版日期:2014-11-01 发布日期:2014-12-01
通讯作者: 张鹏
作者简介:张鹏(1990-),男,江苏南京人,硕士研究生,主要研究方向:网络通信、信息安全;谢晓尧(1952-),男,贵州贵阳人,教授,博士,主要研究方向:网络通信、信息安全。
基金资助:
国家科技支撑计划项目

Vulnerability classification based on binary tree with entropy multi-class support vector machine

ZHANG Peng,XIE Xiaoyao

Key Laboratory of Information and Computing Science of Guizhou Province (Guizhou Normal University), Guiyang Guizhou 550001, China

Received:2014-05-26 Revised:2014-06-26 Online:2014-11-01 Published:2014-12-01
Contact: ZHANG Peng

摘要/Abstract

摘要：

为了有效提高漏洞分类的准确性,针对基于二叉树多类支持向量机分类算法的分类复杂性和分类结果依赖二叉树的结构等缺点,提出了一种基于熵的二叉树多类支持向量机的漏洞分类算法。根据定义最小超球体进行漏洞样本空间的分类,有效地通过熵的计算来描述漏洞之间的混杂程度,使得漏洞分类的计算过程被简化且能够有效减少分类结果对二叉树结构的依赖。采用公共漏洞枚举(CWE)漏洞分类体系在收集到的3000个漏洞样本上进行大量仿真实验,漏洞分类的平均准确率和平均召回率达93.3%和93.25%,高于基于二叉树多类支持向量机分类算法和K-近邻(KNN)分类算法得到的平均值。实验结果表明所提算法有效可行,能精确地实现漏洞的分类。

Abstract:

To effectively improve the accuracy of the vulnerabilities' classification, the vulnerability classification algorithm based on binary tree with entropy multi-class support vector machine was proposed to solve the insufficiency of the classification algorithm based on binary tree multi-class support vector machine, which could effectively reduce the complexity of the classification and dependence on the structure of binary tree. According to defining the smallest hyper sphere to classify the vulnerability's sample space, and used the entropy to describe the confusion degree among vulnerabilities, thus the calculation process of vulnerability classification was simplified, and the classification results' dependence on the structure of the binary tree was reduced. Experiments were conducted on 3000 vulnerabilities' samples using Common Weakness Enumeration (CWE), the average vulnerability classification accuracy and the average recall rate respectively were 93.3% and 93.25%, which were higher than those of the classification algorithm based on the binary tree multi-class support vector machine and the classification algorithm based on K-Nearest Neighbor (KNN). The experimental results indicate that the proposed algorithm is practical and feasible, it can achieve the precise vulnerability classification.

中图分类号:

张鹏谢晓尧. 基于熵的二叉树多类支持向量机的漏洞分类[J]. 计算机应用, 2014, 34(11): 3283-3286.

ZHANG Peng XIE Xiaoyao. Vulnerability classification based on binary tree with entropy multi-class support vector machine[J]. Journal of Computer Applications, 2014, 34(11): 3283-3286.

参考文献

[1]BAZAA A, ARTHUR J D. Towards a taxonomy of vulnerabilities[C]// Proceedings of the 40th Annual Hawaii International Conference on System Sciences. Piscataway: IEEE Press, 2007:163a-173a.
[2]TUPPER M. A comparison of word frequency and n-gram based vulnerability categorization using SOM[EB/OL].[2014-01-12]. http://web.cs.dal.ca/~tupper/CDMP2008.pdf.
[3]CHEN Z, ZHANG Y, CHEN Z. A categorization framework for common computer vulnerabilities and exposures [J]. The Computer Journal, 2010,53(5):551-580.
[4]MA C, GAO L, SUN Q, et al. Assessment of vulnerability threat based on fuzzy theory[J]. Application Research of Computers, 2014,31(3):815-818,824.(马驰,高岭,孙骞,等.基于模糊理论的漏洞危害等级评估[J].计算机应用研究,2014,31(3):815-818,824.)
[5]CHEN G, LIU Z. Text classification based on maximum entropy and feature aggregation[J]. Computer Applications and Software, 2008, 25(3): 263-267,277.(陈光,刘宗田.基于特征聚合与最大熵的文本分类算法[J].计算机应用与软件,2008,25(3):263-267,277.)
[6]XIE J, ZHANG B, WANG W. A partial binary tree algorithm for multi-class classification based on twin support vector machines [J]. Journal of Nanjing University: Natural Science, 2011,47(4):354-363.(谢娟英,张兵权,汪万紫.基于双支持向量机的偏二叉树多类分类算法[J].南京大学学报:自然科学版,2011,47(4):354-363.)
[7]GULINAZI, SUN T. The application of multi-class SVM based binary tree in Web text categorization[J]. Journal of Xinjiang University: Natural Science, 2011,28(1):100-104.(古丽娜孜,孙铁利.基于二叉树的多类SVM在Web文本分类中的应用研究[J].新疆大学学报:自然科学版,2011,28(1):100-104.)
[8]LONG J, WANG Y, LIU G. Research on text classification based on binary tree multi-class support vector machines [J]. Computer Systems and Applications, 2009,18(5):65-68.(龙军,王易,刘高篙.基于二叉树多类支持向量机的文本分类研究[J].计算机系统应用,2009,18(5):65-68.)
[9]LI R, LI A, CAI Y, et al. Euclidean distance based method unclassifiable region of support vector machine [J]. Journal of Computer Applications, 2010,30(2):476-478,546.(李仁兵,李艾华,蔡艳平,等.基于欧氏距离的支持向量机拒识区域解决方案[J].计算机应用,2010,30(2): 476-478,546.)
[10]SCHOLKOPF B, BURGES C, VAPNIK V. Extracting support data for a given task [C]// Proceedings of the First International Conference on Knowledge Discovery and Data mining. Madison: AAAI Press,1995:252-257.
[11]LIU J, LIU Z, XIONG Y. Improved multi-category support vector machines base on binary tree[J]. Computer Engineering and Applications,2010,46(33):117-120.(刘健,刘忠,熊鹰.改进的二叉树支持向量机多类分类算法研究[J].计算机工程与应用, 2010,46(33):117-120.)
[12]GAO Y. Design and realization on security vulnerability database[J]. Microelectronics and Computer, 2004,24(3):99-101.(高寅生.安全漏洞库设计与研究实现[J].微电子学与计算机,2004,24(3):99-101.)
[13]WANG G, XIA Y. A study on the classification of computer security vulnerability [J]. Computer Security, 2008(11):68-72.(汪贵生,夏阳.计算机安全漏洞分类研究[J].计算机安全,2008(11):68-72.)

[1]	殷雨昌王洪元陈莉冯尊登肖宇. 基于单标注样本的多损失学习与联合度量视频行人重识别[J]. 计算机应用, 0, (): 0-0.
[2]	左亚尧陈致然洪嘉伟陈坤. 融合多语义特征的命名实体识别方法[J]. 计算机应用, 0, (): 0-0.
[3]	袁景凌, 丁远远, 潘东行, 李琳. 基于时序和上下文特征的中文隐式情感分类模型[J]. 计算机应用, 2021, 41(10): 2820-2828.
[4]	杨书新, 张楠. 融合情感词典与上下文语言模型的文本情感分析[J]. 计算机应用, 2021, 41(10): 2829-2834.
[5]	杨璐, 何明祥. 基于门控机制和卷积神经网络的中文文本情感分析模型[J]. 计算机应用, 2021, 41(10): 2842-2848.
[6]	董永峰, 刘超, 王利琴, 李英双. 融合多跳关系路径信息的关系推理方法[J]. 计算机应用, 2021, 41(10): 2799-2805.
[7]	吴赛赛, 梁晓贺, 谢能付, 周爱莲, 郝心宁. 面向领域实体关系联合抽取的标注方法[J]. 计算机应用, 2021, 41(10): 2858-2863.
[8]	胡婕胡燕刘梦赤张龑. 基于知识库实体增强BERT模型的中文命名实体识别[J]. 计算机应用, 0, (): 0-0.
[9]	郝志刚秦丽李国亮. 基于多属性综合评价的食品安全标准引用网络重要节点发现方法[J]. 计算机应用, 0, (): 0-0.
[10]	丁行硕李翔谢乾. 基于标签分层延深建模的企业画像构建方法[J]. 计算机应用, 0, (): 0-0.
[11]	刘子辰, 李小娟, 韦伟. 基于循环神经网络的专利价格自动评估[J]. 计算机应用, 2021, 41(9): 2532-2538.
[12]	余敦辉, 万鹏, 王社. 基于企业知识图谱构建的实体关联查询系统[J]. 计算机应用, 2021, 41(9): 2510-2516.
[13]	张阳王小宁. 基于Word2Vec词嵌入和高维生物基因选择遗传算法的文本特征选择方法 [J]. 计算机应用, 0, (): 0-0.
[14]	李灿杨雅婷马玉鹏董瑞. 基于语种相似性挖掘的神经机器翻译语料库扩充方法[J]. 计算机应用, 0, (): 0-0.
[15]	王伟, 赵尔平, 崔志远, 孙浩. 基于HowNet义原和Word2vec词向量表示的多特征融合消歧方法[J]. 计算机应用, 2021, 41(8): 2193-2198.

基于熵的二叉树多类支持向量机的漏洞分类

Vulnerability classification based on binary tree with entropy multi-class support vector machine

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics