Abstract
Purpose: the development of automated system of software vulnerabilities analysis for information-control systems on the basis of intelligent analysis of texts written on the natural language (Text Mining). Methods: the idea of the used investigation method is based on matching the set of extracted software vulnerabilities and relevant information security threats by means of evaluating the semantic similarity metrics of their textual description with use of Text Mining methods. Practical relevance: the architecture of the automated system of software vulnerabilities analysis is developed, the application of which allows us to evaluate the level of vulnerabilities criticality and match it with the most suitable by discretion (i.e. semantically similar) threats from the Bank of information security threats of FSTEC Russia while ensuring vulnerabilities and threats. The main software modules of the system have been developed. Computational experiments were carried out to assess the effectiveness of its application. The results of comparative analysis show that application of the given system allows us to increase the credibility of evaluating the criticality degree of vulnerabilities, considerably decreasing the time for a search and matching vulnerabilities and threats.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
