Supercharge Your Innovation With Domain-Expert AI Agents!

C/C++ vulnerability static detection method based on neural network and deep learning

A neural network and static detection technology, applied in the field of information security, can solve problems such as poor adaptability, slow detection speed, and inability to detect differences in morphological characteristics, and achieve strong vulnerability adaptability and high-precision detection effects

Active Publication Date: 2021-03-26
中国人民解放军陆军炮兵防空兵学院 +1
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The technical problem to be solved by the present invention is how to provide a static detection method for C / C++ vulnerabilities based on neural network and deep learning, so as to solve the problems of low efficiency, poor adaptability, slow detection speed and inability to detect differences in morphological characteristics of existing vulnerability detection methods Larger vulnerabilities and other issues

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • C/C++ vulnerability static detection method based on neural network and deep learning
  • C/C++ vulnerability static detection method based on neural network and deep learning
  • C/C++ vulnerability static detection method based on neural network and deep learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] In order to make the purpose, content and advantages of the present invention clearer, the specific implementation of the present invention will be further described in detail below in conjunction with the accompanying drawings and examples.

[0038] This paper proposes a static detection framework for C / C++ source code vulnerabilities based on neural network and deep learning CVDF (C / C++ Vulnerability Detection Frame). The most common types of vulnerabilities, such as buffer overflow, format string and number errors, etc., perform vulnerability mining and vulnerability detection on the source code from the static detection level. It no longer targets at a specific vulnerability keyword analysis, but through The CVDF-FP neural network and a variety of special vulnerability types are processed. The neural network extracts different vulnerability keywords and key operational features to form the vulnerability feature vector defined in this paper, and then passes through th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a C / C++ vulnerability static detection method based on a neural network and deep learning, and belongs to the field of information safety. The method comprises the following steps: performing data cleaning and code slicing on a to-be-detected source code; converting the code slice into an input vector of the CVDF-LZW code; converting the input vector into equal-length input, and performing normalization processing; inputting the keyword information of the normalized vector into 14 neurons, wherein the output of the normalized vector is a 14-dimensional vector; inputting the normalized vectors into different neural networks, and outputting corresponding operation dimension vectors in the vulnerability feature vectors; integrating the 14-dimensional vector and the operation dimension vector into a 35-dimensional vulnerability feature vector; extracting associated neurons from the vulnerability feature vectors in a non-full connection mode, obtaining a six-dimensional output vector through linear function conversion, and converting corresponding vulnerability type feature values into corresponding probability values through softmax multi-classification layers.According to the method, high-precision detection can be realized for various vulnerabilities, and the efficiency and the adaptability are improved.

Description

technical field [0001] The invention belongs to the field of information security, and in particular relates to a static detection method for C / C++ vulnerabilities based on neural network and deep learning. Background technique [0002] At present, software security has become one of the hot topics that people pay more and more attention to. According to the CSEC2017 model, knowledge domains are divided into six aspects: data security, software security, system security, personnel security, organizational security, and social security, with software security among them. With the explosive growth of software, the research on software security vulnerabilities is facing severe challenges. In the field of source code-oriented vulnerability static detection, the traditional manual detection method is inefficient and cannot effectively deal with the ever-increasing software vulnerabilities in various forms, and the recognition accuracy depends on the technical level of software s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06N3/04G06N3/08
CPCG06F21/563G06N3/049G06N3/084G06N3/047G06N3/048G06N3/045
Inventor 钱叶魁付才韩兰胜杨瑞朋黄浩雒朝峰杜江时晨航
Owner 中国人民解放军陆军炮兵防空兵学院
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More