A MINING METHOD FOR COMPUTER VULNERABILITY CORRELATION

With the development of computer software system, computer vulnerabilities are continually increasing. These vulnerabilities have severe impacts on confidentiality, authenticity and availability of computer system and network. In the field of host system vulnerability assessment, the traditional method is only to consider the threats of isolated vulnerability to software systems. However, through analyzing multistage attacks and vulnerabilities on Internet, we find that attackers often synthetically exploit several cor- relative vulnerabilities to badly compromise the systems. Therefore, study on vulnerability correlation is important for improving the accuracy and validity of security assessment. This paper firstly gives the definition, expression and significance of vulnerability cor- relation. Then a mining method for vulnerability correlation is proposed. Finally, an experiment is conducted to verify the efficiency of the new approach. Keywords: Security assessment, Computer vulnerability, Vulnerability correlation, Min- ing method