A fine-grained source code vulnerability detection method based on graph neural network

Abstract

The invention discloses a fine-grained source code vulnerability detection method based on a graph neural network, including the following: A. For all source codes of a software, extract the code attribute graph of the function in the source code, and perform vectorized representation of the code attribute graph , the vectorized representation includes the vectorized representation of node attributes and graph structure; B, uses the graph attention network to extract code features, and processes all sentences to obtain the final data set; C, trains the vulnerability detection model, and passes the effect on the test set Determine the final model. The source code vulnerability detection method provided by the invention has a higher degree of automation, reduces the dependence on domain expert knowledge, greatly saves the cost of code auditing, improves the efficiency of code auditing, and better retains the syntax and semantic information in the source code. , while using the graph attention network can more purposefully learn the vectorized representation of sentences and achieve more fine-grained sentence-level vulnerability detection.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a fine-grained source code vulnerability detection method based on a graph neural network. Background technique [0002] As an indispensable part of the information society, software is playing an increasingly important role. It is not only inseparable from the daily life of individuals, but also closely related to the development of society. However, software is a double-edged sword. While it provides convenient services for individuals and society, potential loopholes in software may also cause great losses to individuals and society. Vulnerabilities in software are often unavoidable. On the one hand, it is difficult to avoid problems in the process of software design, development, and deployment. On the other hand, due to commercial benefits, the software development cycle cannot be too long, which further increases. The software is at risk of vulnerabilities. In or...

AI Technical Summary

Problems solved by technology

[0004] In view of the above-mentioned defects of the prior art, the technical problem to be solved by the present invention is to provide a fine-grained source code vulnerability detection method based on a graph neural network, using a code attribute graph as an intermediate representation of source code, and using a graph attention network to learn The vector representation of the sentence, finally combined with the deep neural network to realize the fine-grained vulnerability detection at the sentence level, solves the problems of the existing vulnerability detection methods, such as high false negative rate, heavy reliance on domain expert knowledge, excessive detection granularity, and lack of suitable intermediate representation in the source code

Images