Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Source code vulnerability detection method based on graph convolution network

A convolutional network and source code technology, applied in the field of computer network security, can solve the problems of low false negative rate and false positive rate, and the inability of static detection technology of source code vulnerabilities to use graph representation at the same time, so as to narrow the scope and reduce the the effect of time

Active Publication Date: 2020-07-28
NORTHWEST UNIV
View PDF9 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] Aiming at the technical problem that the existing source code vulnerability static detection technology cannot use the graph representation method and the machine learning method at the same time, the purpose of the present invention is to provide a graph-based The source code vulnerability automatic detection method of the product network, the method represents the source code with a graph, and performs machine learning training on the graph, and realizes the function of detecting the vulnerability of the target source code and reporting the exact location of the vulnerability, and the false negative rate and a lower false positive rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Source code vulnerability detection method based on graph convolution network
  • Source code vulnerability detection method based on graph convolution network
  • Source code vulnerability detection method based on graph convolution network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] It should be noted that the automatic detection method for source code vulnerabilities based on graph convolutional networks of the present invention is not limited to specific programming languages. The specific details of the invention.

[0035] according to figure 1 As shown, this embodiment provides a method for automatic detection of source code vulnerabilities based on graph convolutional networks, including a training phase and a testing phase, wherein:

[0036] In the training phase, data acquisition and data preprocessing are performed on the training data set. The process of data preprocessing is to first judge whether the source code of the test data set has a sink method call, analyze the data flow of the sink method call, and then compare the source code with The suspicious code related to the sink method call is constructed as a code attribute graph, and the adjacency matrix and characteristic matrix of the code attribute graph are calculated, and the sin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a source code vulnerability automatic detection method based on a graph convolution network. In the training phase, carrying out data acquisition and data preprocessing; judging whether the source code is called by a sink method or not; calling a sink method to perform data flow analysis, constructing a code attribute graph, calculating an adjacent matrix and a feature matrix of the code attribute graph, labeling the code attribute graph, taking the adjacent matrix and the feature matrix in the code attribute graph as input of a graph convolution network, and trainingthe graph convolution network to obtain a trained network model; in the test stage, carrying out data acquisition and data preprocessing; judging whether the source code is called by a sink method ornot; and performing data flow analysis, constructing a code attribute graph, calculating an adjacent matrix and a feature matrix of the code attribute graph, inputting the trained graph convolutionalnetwork model, outputting a classification result of the code attribute graph, and representing whether the code attribute graph has vulnerabilities or not, i.e., whether the corresponding sink methodcall contains the vulnerabilities or not.

Description

technical field [0001] The invention belongs to the technical field of computer network security, and relates to loophole detection in source code, in particular to a source code loophole detection method based on graph convolution network, which can automatically scan the source code for loopholes, and judge whether the source code contains loopholes , and report the location of the vulnerability, which provides technical support for the subsequent research on the automatic detection of code vulnerabilities. Background technique [0002] Hidden vulnerabilities in software can cause security problems, allowing attackers to compromise computer systems and applications. Thousands of such vulnerabilities are publicly reported to the Common Vulnerabilities and Exposures Database (CVE) every year, and many more are found and patched internally in proprietary code. As seen in many recent high-profile attacks such as the HeartBleedBug, the Wannacry ransomware password worm, and th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06N3/04G06N3/08G06N20/00
CPCG06F21/563G06N3/08G06N20/00G06N3/045
Inventor 孔维星叶贵鑫王焕廷汤战勇房鼎益
Owner NORTHWEST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com