|
Title:
|
SOLUTION PREDICTION FOR VULNERABILITIES USING TEXTUAL DATA |
|
Author(s):
|
Atefeh Khazaei, Mohammad Ghasemzadeh, Christoph Meinel |
|
ISBN:
|
978-989-8533-56-2 |
|
Editors:
|
Hans Weghorn |
|
Year:
|
2016 |
|
Edition:
|
Single |
|
Keywords:
|
Vulnerability, Text Mining, Solution Predictor, Overlapping Clustering |
|
Type:
|
Short Paper |
|
First Page:
|
200 |
|
Last Page:
|
204 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
This paper reports an in progress research project. Each year many software vulnerabilities are discovered and reported. These vulnerabilities can lead to system exploitations and consequently finance and information losses. Soon after detection of vulnerabilities, requests for solutions arise. Usually it takes some time and effort until an effective solution is provided. Therefore it is very desirable to have an automated vulnerability solution predictor. In this paper we introduce an effective approach to achieve such a predictive system. In the first step, by using text mining techniques, we extract some features from the available textual data concerning vulnerabilities. Due to the pattern of the existing overlap between different categories of vulnerabilities and their solutions, we found the overlapping clustering algorithm to be the most suitable method to cluster them. After that, we attempt to find the existing relationship among the obtained clusters. In the last step, we benefit from machine learning methods to construct the requested solution predictor. In our approach we propose an automated quick workaround solution; in workaround solutions, users do not need to wait for a patch or a new version of software but they bypass a problem caused by vulnerability with additional effort to avoid its damages. |
|
|
|
|
|
|
