Focus on the Stability of Large Systems: Toward Automatic Prediction and Analysis of Vulnerability Threat Intelligence
Abstract: With the increase in the number of users and business volume, the business systems of Internet companies are becoming more and more complex, resulting in a surge in the number of alarms. A large number of noisy alarms adds a huge workload to security operations, which indirectly poses a large number of threats to business systems. At present, most systems access third-party Threat Intelligence to help operators handle alarms automatically. However, this method suffers from latency and accuracy problems, so the work rarely meets the requirements of being both fast and accurate. This article proposes a new method for gathering vulnerability Threat Intelligence, which can obtain vulnerability information before security vendors issue their security announcements. By analyzing the vulnerability disclosure process, this method obtains vulnerability information from the original source: the submissions developers make to open source mailing lists. We used NLP technology and an XGBoost model to automatically analyze the vulnerability information and finally generate FINTEL. The experimental results show that this method has an accuracy of 93% and can obtain vulnerability information 10 h to 7 days before security vendors release it. The scope of application covers all open source code repositories and some closed source repositories.