Combining sources from CVE and CNNVD: Data analysis in information security vulnerabilities

Abstract

Abstract The information technology level of China continues to improve, and various industries are digitalized in different degrees. However, the development of the network has correspondingly brought the trouble of loopholes, which have caused mass economic losses to many enterprises. In the era of big data, it is necessary to understand the characteristics of the ever-emerging vulnerabilities. In this study, we used descriptive statistics and programming techniques to analyze more than 140,000 vulnerability records from CVE and CNNVD. We visualize the development trend of vulnerabilities through descriptive statistics and summarized the characteristics of vulnerabilities in products from manufacturers of different scales. The result shows that large companies usually face more and severer loopholes. Then, multivariate regression is conducted to explore the relationship between vulnerability type, threat type and hazard level. K-means clustering method is employed to select and extract features based on the description paragraphs of vulnerabilities. Finally, we categorize the loopholes according to different patterns, so as to find a breakthrough point for a quicker solution to new vulnerabilities with the existing classified database. The combined sources are proved to be useful for clustering analysis.