ASVC: An Automatic Security Vulnerability Categorization Framework Based on Novel Features of Vulnerability Data
Security vulnerabilities are a main cause of network security. Vulnerability classification gives the users a better understanding of the essence of vulnerabilities, which help propose efficient solutions. However, applying Vulnerability Categorization Standard (VCS) to manually categorize vulnerabilities is impracticable since it is time-consuming and subjective. To address this issue, a new framework named Automatic Security Vulnerabilities Categorization framework (ASVC) is proposed based on text mining. To further improve the accuracy, a new rule for extraction of features of text mining is proposed. ASVC abstracts the categorization of vulnerabilities into a process of text mining and categorize vulnerabilities automatically according to a VCS.