| With the development of Internet, large numbers of vulnerabilities are discovered continually. Hackers often exploit the vulnerabilities in computer software or configuration to implement unauthorized access, privilege escalation and DoS attack. And all these badly compromise the system security. It was only in 2005 that there are 624,634 emails received by CERT/CC reporting security occurrences and 5990 vulnerabilities reported by CERT/CC. Hence many research organizations and personnel develop research works on vulnerability which are mainly about integrating vulnerabilities'attributes, constructing complete vulnerability database, and systemically research vulnerability as well as vulnerability taxonomy based on a mass of vulnerability information.Data mining is the knowledge discovery technique oriented to a great deal of data, and it can extract unknown useful knowledge from data automatically and efficiently. Moreover, association rule mining is the most successful and the most significant field in data mining and it can discover interesting association or relative relationships among items in a mass of knowledge. So mining association rules in vulnerability database can discover associated relationships among attributes or items of vulnerabilities, and provide new information for research and application on vulnerability taxonomy.Firstly, this paper improves single dimensional association rule mining algorithm AprioriTidList based on deep research on association rule mining algorithms, and advances an efficient multidimensional association rule mining algorithm AprioriTidList+ that is suitable for vulnerability database of RDBMS. Furthermore, the algorithm is applied on vulnerability database including data preparation, implement of the algorithm and analysis of experiment results, where data preparation is mainly to select some from numerous vulnerabilities and vulnerability attributes that are suitable for association rule mining to do experiments, meanwhile do the discrete process on quantified attribute values.The experiment results above show that mining algorithms in"support - confidence"frame miss some valuable information with some high threshold, while if the threshold is low, a mass of meaningless and redundant rules are... |
PDF Full Text Request