A software defect automatic detection method based on an open source code library

A software defect, open source code technology, applied in software testing/debugging, neural learning methods, error detection/correction, etc., can solve the problem of high false negative rate, achieve fast update speed, reduce false negative rate, and slow model update speed. restricted effect

Active Publication Date: 2019-04-30
NORTHWEST UNIV(CN)
View PDF4 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Aiming at the problem that the existing code defect static detection technology relies on manually defined patterns and has a high rate of false positives, the present invention proposes an automatic software defect detection method based on an open-source code base, which realizes defect detection on target files and prevents false negatives from occurring during false positives. The ability to report the exact location of a vulnerability in a low-rate premise

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A software defect automatic detection method based on an open source code library
  • A software defect automatic detection method based on an open source code library
  • A software defect automatic detection method based on an open source code library

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The present invention does not depend on a specific programming language. For the convenience of explanation, the present invention uses the open source code library Github and the Java language as examples to introduce the specific details of the present invention in detail. The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0044] Step 1, obtain the change record of the project file on the open source code base, filter the change record of the project file according to the keyword of the code defect type in the computer programming language adopted by the project file, and obtain the information of the project file with code defect; The project file information includes a change record with a code defect and a project file corresponding to the change record.

[0045]In this embodiment, the open source code library refers to a software project hosting platform on the Internet, such as Github, Gitlab, B...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a software defect automatic detection method based on an open source code library. The software defect automatic detection method comprises a bidirectional LSTM framework related to a source code feature extraction technology, a word vector representation method in natural language processing and a deep learning technology. The detection method is based on a code change record in a large-scale open source code warehouse Github. Through acquiring a large number of defect codes in the code changing process and using a static code analysis technology, data stream characteristics of defect code fragments are extracted, a code defect detection model is designed by the aid of a bidirectional LSTM framework in deep learning, technical support is provided for code defect static detection, defect detection on target files is achieved, and accurate vulnerability positions are reported on the premise of low missing report rate.

Description

technical field [0001] The invention relates to the field of code auditing, in particular to an automatic detection method for software defects based on an open source code base. Background technique [0002] Software vulnerabilities and system vulnerabilities are the core threats to network security. Therefore, vulnerability detection technology has always been a core research topic of network security. According to the standard of whether to execute the target program during the detection process, software security vulnerability detection technology is divided into dynamic detection technology and static detection technology. Among them, the dynamic detection technology injects test data during the running of the program to observe whether the program is running normally and whether the output conforms to the intention of the program, so as to achieve the purpose of finding program loopholes. Dynamic testing only focuses on the external performance of the program running....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36G06N3/04G06N3/08
CPCG06F11/3608G06N3/08G06N3/044G06N3/045
Inventor 汤战勇柯鑫孔维星叶贵鑫房鼎益陈晓江陈峰龚晓庆王薇李文瑾
Owner NORTHWEST UNIV(CN)
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap