Research On Vulnerability Intelligent Classification Technology Based On Vulnerability Meta-feature

Posted on: 2021-02-01
Degree: Master
Type: Thesis
Country: China
Candidate: T Yu
Full Text: PDF
GTID: 2428330632962738
Subject: Information security
Abstract/Summary:
With the development of Internet technology, software is updated faster and applied more widely, which has brought great convenience to people's daily lives. At the same time, the number of security vulnerabilities in software has exploded, and the vulnerabilities are of diverse types that vary in the degree of harm they cause to systems. Whether vulnerability classification can be carried out efficiently directly affects the efficiency of vulnerability management. Traditional vulnerability classification mostly relies on manual judgement and lacks automatic analysis. Because the classification process is complicated, security staff face heavy workloads and long analysis cycles, so manual judgement cannot cope with the growing number of security vulnerabilities. Against this background, this paper proposes an intelligent vulnerability classification technology based on vulnerability meta-features. We extract vulnerability features from runtime data collected while a vulnerability is being triggered, and classify vulnerabilities according to these features. During software execution, we use a PoC (Proof of Concept) as the input to the software to trigger the vulnerability, which causes the program to crash. Then, using dynamic program instrumentation, we monitor the state of the software and extract key data at the crash site as the primitive features of the vulnerability. Combining filter and wrapper feature selection methods, the vulnerability meta-features that reflect the core attributes of a vulnerability are screened out from the primitive features. Finally, we build, for each meta-feature, the single-feature classification model with the best overall performance. Through model fusion, a multi-feature vulnerability classification model is constructed for the verification and classification of software vulnerabilities. Testing shows that this method provides good classification ability, with an accuracy of 99.83% for stack overflow vulnerability classification, and that it can be effectively applied to the automatic verification and classification of vulnerabilities.
Keywords/Search Tags:vulnerability classification, vulnerability verification, binary dynamic instrumentation, feature selection