Vulnerability extraction and prediction method based on improved information gain algorithm.

Affiliation

School of Computer Science and Engineering, North Minzu University, Yinchuan, China.

Publication information

PLoS One. 2024 Sep 10;19(9):e0309809. doi: 10.1371/journal.pone.0309809. eCollection 2024.

DOI:10.1371/journal.pone.0309809
PMID:39255289
Original article: https://pmc.ncbi.nlm.nih.gov/articles/PMC11386448/
Abstract

More and more attention has been paid to computer security, and its vulnerabilities urgently need more sensitive solutions. Because the data in most vulnerability libraries is incomplete, it is difficult to obtain the pre-permission and post-permission of vulnerabilities and to construct vulnerability exploitation chains, so vulnerabilities cannot be responded to in time. Therefore, a vulnerability extraction and prediction method based on an improved information gain algorithm is proposed. Considering the accuracy and response speed of deep neural networks, a deep neural network is adopted as the basic framework. The Dropout method effectively reduces overfitting in the case of incomplete data, thus improving the ability to extract and predict vulnerabilities. Experiments confirmed that the improved method reached an excellent F1 and Recall of 0.972 and 0.968, respectively. Compared to the function fingerprints vulnerability detection method and the K-nearest neighbor algorithm, the convergence is better. Its response time is 0.12 seconds, which is excellent. To ensure the reliability and validity of the proposed method in the face of missing data, the reliability and validity of the Mask test are verified. The false negative rate was 0.3% and the false positive rate was 0.6%. The prediction accuracy of this method for existing permissions reached 97.9%, and it can adapt to the development of permissions more actively, so as to deal with practical challenges. In this way, companies can detect and discover vulnerabilities earlier. In security repair, this method can effectively improve the repair speed and reduce the response time. The prediction accuracy of post-existence permission reaches 96.8%, indicating that this method can significantly improve the speed and efficiency of vulnerability response, and strengthen the understanding and construction of the vulnerability exploitation chain. The prediction of the posterior permission can reduce the attack surface of the vulnerability, thus reducing the risk of breach, speeding up the detection of the vulnerability, and ensuring the timely implementation of security measures. This model can be applied to public network security and application security scenarios in the field of computer security, as well as personal computer security and enterprise cloud server security. In addition, the model can also be used to analyze attack paths and security gaps after security accidents. However, the prediction of post-permissions is susceptible to dynamic environments and relies heavily on the updated guidance of security policy rules. This method can improve the accuracy of vulnerability extraction and prediction, quickly identify and respond to security vulnerabilities, shorten the window period of vulnerability exploitation, effectively reduce security risks, and improve the overall network security defense capability. Through the application of this model, the occurrence frequency of security vulnerability time is reduced effectively, and the repair time of vulnerability is shortened.

Similar articles

1
Vulnerability extraction and prediction method based on improved information gain algorithm.
PLoS One. 2024 Sep 10;19(9):e0309809. doi: 10.1371/journal.pone.0309809. eCollection 2024.
2
An Improved Vulnerability Exploitation Prediction Model with Novel Cost Function and Custom Trained Word Vector Embedding.
Sensors (Basel). 2021 Jun 20;21(12):4220. doi: 10.3390/s21124220.
3
FastEmbed: Predicting vulnerability exploitation possibility based on ensemble machine learning algorithm.
PLoS One. 2020 Feb 6;15(2):e0228439. doi: 10.1371/journal.pone.0228439. eCollection 2020.
4
Open source software security vulnerability detection based on dynamic behavior features.
PLoS One. 2019 Aug 23;14(8):e0221530. doi: 10.1371/journal.pone.0221530. eCollection 2019.
5
Optimization of a Deep Learning Algorithm for Security Protection of Big Data from Video Images.
Comput Intell Neurosci. 2022 Mar 8;2022:3394475. doi: 10.1155/2022/3394475. eCollection 2022.
6
A hybrid feature weighted attention based deep learning approach for an intrusion detection system using the random forest algorithm.
PLoS One. 2024 May 23;19(5):e0302294. doi: 10.1371/journal.pone.0302294. eCollection 2024.
7
Network Security Situation Prediction Model Based on EMD and ELPSO Optimized BiGRU Neural Network.
Comput Intell Neurosci. 2022 Jun 21;2022:6031129. doi: 10.1155/2022/6031129. eCollection 2022.
8
Smart Contract Vulnerability Detection Model Based on Multi-Task Learning.
Sensors (Basel). 2022 Feb 25;22(5):1829. doi: 10.3390/s22051829.
9
Improved SSD network for fast concealed object detection and recognition in passive terahertz security images.
Sci Rep. 2022 Jul 15;12(1):12082. doi: 10.1038/s41598-022-16208-0.
10
A detection method for android application security based on TF-IDF and machine learning.
PLoS One. 2020 Sep 11;15(9):e0238694. doi: 10.1371/journal.pone.0238694. eCollection 2020.