• 网络与信息安全 •

### S-C特征提取的计算机漏洞自动分类算法

1. 1. 燕山大学 信息科学与工程学院，河北 秦皇岛 066001
2. 河北省计算机虚拟技术与系统集成实验室，河北 秦皇岛 066001
• 出版日期:2020-07-01 发布日期:2020-08-12

### Automatic Classification of Computer Vulnerability Based on S-C Feature Extraction

REN Jiadong, WANG Qian, WANG Fei, LI Yazhou, LIU Jiaxin

1. 1. College of Information Science and Engineering, Yanshan University, Qinhuangdao, Hebei 066001, China
2. Computer Virtual Technology and System Integration Laboratory of Hebei Province, Qinhuangdao, Hebei 066001, China
• Online:2020-07-01 Published:2020-08-12

Abstract:

In recent years, the number of unknown computer vulnerabilities has increased rapidly. It is an important and unsolved problem for analyzing and classifying a large number of vulnerability data timely and accurately. Therefore, this paper proposes a text classification method for computer vulnerability description information   based on information entropy and comprehensive function[(S-C)]feature extraction and combines the averaged one-dependence estimators (AODE) classifier. First, the feature words are extracted by the[S-C]feature extraction method. By combining the comprehensive function[C]of the importance degree between classes and within classes of words, the importance degree of words to classes is calculated. Then, the information entropy[S]of words to classes is used to weaken the importance of words with chaotic classification and an accurate feature set is selected. Finally, the vulnerability data set is classified by using AODE which relates the relationship between feature word sets. The experimental comparison shows that the[S-C]feature extraction method can extract the accurate feature word set, and the classification accuracy combined with AODE classifier is higher than traditional classifier model.