Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Software vulnerability classification method and system

A software vulnerability and classification method technology, applied in computer parts, instruments, biological neural network models, etc., can solve the problems of less description information, low accuracy of software vulnerability classification, and not very good results, and achieves good accuracy, The effect of improving software classification accuracy, high dimensionality and sparsity

Active Publication Date: 2019-10-18
YANSHAN UNIV
View PDF7 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, due to the large number and types of software vulnerabilities, the description information of each vulnerability is relatively small, so that each vulnerability presents a high-dimensional and sparse feature in the generated word vector space
These automatic vulnerability classification methods based on machine learning algorithms are not very effective in dealing with high-dimensional and sparse problems, and cannot extract text features and represent semantic information well, while ignoring specific vulnerability information, which makes software vulnerability classification difficult. Not very accurate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software vulnerability classification method and system
  • Software vulnerability classification method and system
  • Software vulnerability classification method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0067] The object of the present invention is to provide a method and system for classifying software bugs, so as to improve the accuracy of software bug classification.

[0068] In order to make the above objects, features and advantages of the present invention more comprehensible, the invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0069] Such as figure 1 and 2 As shown, the present invention provides a kind of classification method of software vulnerability, and described classification method comprises the following steps:

[0070] Step 101, obtain training set and test set from vulnerability database.

[0071] Using the vulnerability data in the National Vulnerability Database (NVD) of the United States to conduct software vulnerability classification research. Firstly, the training set and test set are obtained from the US National Computer Common Vulnerability Database. But the vulnerabil...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a software vulnerability classification method and system. Skip-is used in the classification method. The classification method comprises the following steps: training and generating vulnerability word vectors by using a Skip-gram language model; mapping words in each vulnerability text into a space with a limited dimension, to represent semantic information, thereby reducing the sparsity of the word vector; then, fully using the advantages of feature extraction and semantic information representation of the convolutional neural network and the recurrent neural network;constructing a C-GRU neural network model, using a convolutional neural network to extract local features of text vectors, using a GRU to extract global features related to text contexts, and fusing the features extracted by the two complementary models. According to the method, the technical defects that an automatic vulnerability classification method based on a machine learning algorithm is poor in effect of processing high-dimensional and sparse problems, text features and representation semantic information cannot be well extracted, and specific vulnerability information is ignored are overcome, and the software classification accuracy is improved.

Description

technical field [0001] The invention relates to the field of software loophole detection, in particular to a software loophole classification method and system. Background technique [0002] With the rapid development of information technology, the application of the Internet and computers has penetrated into various industries. From energy, transportation, production, military, medical care to people's daily life, they are inseparable from the support of the Internet. While information technology brings us great convenience, it also brings huge risks and hidden dangers. In recent years, frequent computer security incidents, such as information systems being attacked and causing confidential information leakage, private data loss and other major loss security incidents, have brought huge losses to major enterprises, organizations and individuals, and caused computer The cause of the security incident is that the loopholes of the system are exploited by malicious attacks. T...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06K9/62G06N3/04
CPCG06F21/577G06N3/045G06F18/214
Inventor 王倩李亚洲
Owner YANSHAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com