Chinese Journal of Computers (计算机学报), 2024, Vol. 47, Issue (5): 1082-1119. DOI: 10.11897/SP.J.1016.2024.01082

An Overview of Research on Vulnerability Database Construction and Application

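Cao Xudong (曹旭栋) 1; Huang Zaiqi (黄在起) 2; Chen Yujie (陈禹劼) 2; Wang Wenjie (王文杰) 3; Shi Huiyang (史慧洋) 3; Li Shuhao (李书豪) 4; Zhang Yuqing (张玉清) 5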

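Author information

  • 1. National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 101408; Zhongguancun Laboratory, Beijing 100094
  • 2. Hangzhou Institute of Technology, Xidian University, Hangzhou 311231
  • 3. National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 101408
  • 4. Zhongguancun Laboratory, Beijing 100094
  • 5. National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 101408; Zhongguancun Laboratory, Beijing 100094; Hangzhou Institute of Technology, Xidian University, Hangzhou 311231; School of Cyberspace Security, Hainan University, Haikou 570228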

Abstract

In an information society built on computers and networks, vulnerabilities in computer and network systems pose great challenges to network information security. Most network attacks are launched on the basis of vulnerabilities, and with the sharp increase in the number of vulnerabilities and the speed of their discovery in recent years, it is becoming more and more important to collect, organize and make use of existing vulnerabilities. As an important part of the information security infrastructure, a vulnerability database can not only store the basic information, characteristics, solutions and other attributes of various vulnerabilities, but also respond quickly to vulnerability information and disseminate it in a timely manner, improving the public's ability to deal with information security threats. At the same time, with the development of machine learning, natural language processing and other technologies, more and more work is focusing on the application of artificial intelligence to the intelligent processing of vulnerability information. The vulnerability database serves as an important data foundation for this work and plays an increasingly important role in the computing field. Vulnerability database research has become a popular and key research topic in computer science. This paper is the first comprehensive survey of recent research on vulnerability databases, covering basic concepts, background knowledge, theoretical methods and innovations. Specifically, the paper: (1) reviews the background knowledge of vulnerabilities and vulnerability databases, including definitions and classifications, and explains the relationship between vulnerability publication and vulnerability databases; (2) introduces the current state of development of vulnerability databases and the standards related to their construction; (3) classifies and summarizes the progress of existing research on vulnerability database construction in vulnerability information collection, management, completion of missing fields and quality evaluation; (4) classifies and summarizes existing research that applies vulnerability database data to vulnerability prediction and scanning, vulnerability repair, software security and component analysis, network attack modeling, security situation analysis, and the mining of regularities and correlations in vulnerability features; (5) discusses the challenges and future research directions of vulnerability database research.

Key words

vulnerability / vulnerability report / vulnerability database / automated assessment of vulnerabilities / vulnerability lifecycle


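Funding

National Key Research and Development Program of China (2023YFB3106400)

National Key Research and Development Program of China (2023QY1202)

Key Program of the National Natural Science Foundation of China (U2336203)

Key Program of the National Natural Science Foundation of China (U1836210)

Key Research and Development Program of Hainan Province (GHYF2022010)

Beijing Natural Science Foundation (4242031)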

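Publication year

2024

Journal

Chinese Journal of Computers (计算机学报)
Sponsors: China Computer Federation; Institute of Computing Technology, Chinese Academy of Sciences
Indexed in: CSTPCD, CSCD, Peking University Core Journals
Impact factor: 3.18
ISSN: 0254-4164
Number of references: 7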