Deep learning-based vulnerability detection method and system

A vulnerability detection and deep learning technology, which is applied in the field of vulnerability detection and systems based on deep learning, can solve problems such as the inability to determine the specific location of the vulnerability, and achieve high accuracy, high scalability, and high scalability.

Active Publication Date: 2018-04-06
HUAZHONG UNIV OF SCI & TECH
View PDF4 Cites 82 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This type of method requires experts to define the attributes that describe the vulnerability, and because it is at a coarse-g

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Deep learning-based vulnerability detection method and system
  • Deep learning-based vulnerability detection method and system
  • Deep learning-based vulnerability detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038]In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below may be combined with each other as long as they do not constitute a conflict with each other.

[0039] The overall idea of ​​the present invention is to extract the candidate code segments merged by various parameter program slices for the library / API function call, and automatically generate the vulnerability features based on the deep learning model in the training stage, without relying on expert knowledge, so that the vulnerability features can be generated Fully automated. At the same...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a deep learning-based vulnerability detection method and system. The method comprises an offline vulnerability classifier training part and an online vulnerability detection part. The offline vulnerability classifier training part comprises the following steps of: calling candidate code sections for a training program extraction library/API function; adding type label for the candidate code sections; converting the candidate code sections into vectors; inputting the vectors into a neural network model to carry out training; and finally outputting a vulnerability classifier. The online vulnerability detection part comprises the following steps of: calling candidate code sections for a target program extraction library/API function; converting the candidate code sections into vectors; classifying the candidate code sections by adoption of the trained vulnerability classifier; and finally outputting the code sections which contain online vulnerabilities in the classification result. According to the method and system, vulnerability features aiming at library/API function calling can be automatically generated, and the operation does not depend on expert knowledges and is not restricted to vulnerability types, so that the false report rate and missing report rate of vulnerability detection in target programs can be remarkably reduced and vulnerability positions can be given.

Description

technical field [0001] The invention belongs to the field of vulnerability detection based on vulnerability characteristics in the research of vulnerability detection, and more specifically relates to a method and system for detecting vulnerabilities based on deep learning. Background technique [0002] Most of the current security problems are caused by unsafe code. Despite the growing awareness of developer code security, security issues in software are still becoming more prominent. In 2010, about 4,600 vulnerabilities were registered in Common Vulnerabilities and Exposures (CVE); in 2016, nearly 6,500 vulnerabilities were registered, and the number of released vulnerabilities is on the rise. Therefore, finding vulnerabilities as early as possible is the key to solving software security problems. [0003] Static vulnerability detection is widely used by code auditors to find potential vulnerabilities in software source code due to its advantages of fast detection speed ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 金海邹德清李珍王苏娟
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap