Abstract: In order to solve the problem that the traditional vulnerability remediation strategy is difficult to determine the prioritization of the same vulnerability severity level, this paper proposes a hierarchical vulnerability remediation model based on vulnerability type clustering (VR-VTC). Firstly, the PSO-K-means (particle swarm optimization K-means) algorithm is used to achieve clustering of vulnerability information. According to the percentage of the high, medium and low of each vulnerability type, the threat factor of every vulnerability type is calculated. Then, the vulnerabilities of target host are divided into four levels: the host, the vulnerability type threat level, the vulnerability type and the vulnerability. The hierarchical vulnerability remediation method based on vulnerability type is given, which uses the hierarchical idea which fixes the vulnerabilities from bottom to top and from local to global. The experimental results demonstrate that the model can provide the fine-grained vulnerability remediation strategy for the user.

Key words: network security, vulnerability information clustering, vulnerability remediation

摘要： 针对传统漏洞修复策略存在难以确定同一危害等级漏洞修复优先次序的问题，提出了一种基于漏洞类型聚类的层次化漏洞修复（vulnerability remediation based on vulnerability type clustering，VR-VTC）模型。首先，运用PSO-K-means（particle swarm optimization K-means）算法对漏洞信息进行聚类分析，再根据每种漏洞类型高危、中危、低危各个危害等级的百分比，计算每种漏洞类型的威胁因子；然后，将目标主机漏洞划分为主机、漏洞类型威胁等级、漏洞类型和漏洞4个层次，再采用“自下而上、先局部后整体”的漏洞修复策略，提出一种基于漏洞类型的层次化漏洞修复方法。实验结果表明，VR-VTC模型可为用户提供细粒度的漏洞修复策略。

关键词: 网络安全, 漏洞信息聚类, 漏洞修复