摘要
漏洞的分类能够有效提高漏洞分析和修复的效率,其分类的方式是按照漏洞的特征进行,将漏洞特征的提取转换为漏洞文本特征的提取。针对漏洞的描述性文本较短,特征选择模糊等缺点,提出了一种基于模糊熵特征选择算法的SVM的漏洞分类方法对漏洞分类进行研究。该方法结合模糊熵理论和支持向量机分类方法的优点,设计类间类内隶属度函数来体现特征项的分布情况,并结合模糊熵的计算作为漏洞特征提取的依据,通过SVM进行分类学习,对漏洞进行分类。仿真实验表明,基于模糊熵特征选择算法的SVM的漏洞分类方法实际可行,且分类准确率高于基于KNN和最大熵模型的分类方法,具有一定的研究意义。
The classification of vulnerability can improve the efficiency of vulnerability analysis and repair,its way is according to the characteristics of vulnerability,extracting the features of vulnerability texts to replace the features of vulnerability.This paper proposed a vulnerability classification method which was based on SVM with fuzzy entropy feature selection algorithm. This method combined the advantage of the fuzzy entropy theory and support vector machine,designed the membership function which was relied on between-class and inner-class dispersion to reflect the feature's distribution. At the same time,it used SVM to do the classification learning which combined with feature extraction through the fuzzy entropy. Through the simulation results,the way of the vulnerability classification which is based on SVM with fuzzy entropy feature selection algorithm is practical and gets a higher classification accuracy rate than the classification method which is based on KNN or maximum entropy models.
出处
《计算机应用研究》
CSCD
北大核心
2015年第4期1145-1148,共4页
Application Research of Computers
基金
国家科技支撑计划资助项目(2011BAH14B04)
中央财政支持地方高校发展专项基金资助项目(财教[2012]140号)
关键词
模糊熵
支持向量机
漏洞特征
漏洞文本
特征选择
漏洞分类
fuzzy entropy
support vector machine
the features of vulnerability
vulnerability texts
selective gain
Vul-nerability classification
