Function-level code vulnerability detection method based on slice attribute graph representation learning

A vulnerability detection and attribute graph technology, applied in the field of vulnerability detection, can solve problems such as affecting model learning efficiency, high model false positive rate, complexity and bulk, and achieve the effect of avoiding adverse effects, improving coverage, and reducing complexity.
CN112699377AActive Publication Date: 2021-04-23HARBIN INST OF TECH
8 Cites 23 Cited by

Patent Information

Authority / Receiving Office
CN ยท China
Current Assignee / Owner
HARBIN INST OF TECH
Publication Date
2021-04-23

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a function-level code vulnerability detection method based on slice attribute graph representation learning, and the method comprises the steps: firstly introducing a new slice criterion, proposing the concept of a slice attribute graph, and generating a slice attribute graph of a code based on the slice criterion and a program slice technology; extracting graph structure information, node attribute information and code context information which have a dependency relationship with the vulnerability candidate key points; then, performing representation learning on the slice attribute graph by utilizing a relation graph convolutional neural network and combining a dual attention mechanism based on nodes and sub-graphs so as to learn a more comprehensive and accurate vulnerability mode; and finally, fusing the vulnerability identification results of the slice attribute graphs to realize function-level vulnerability detection, and determining a set of vulnerability candidate statements and grammatical elements associated with vulnerabilities. More vulnerability candidate key points can be covered, structures, attributes and context information related to vulnerabilities are fully learned and expressed, and the vulnerability detection accuracy is improved.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to a loophole detection method, in particular to a function-level code loophole detection method based on slice attribute graph representation learning. Background technique

[0002] Software vulnerability detection is an important and challenging problem in information security. Traditional detection methods and detection tools depend to a large extent on the reviewers' understanding of security issues and the accumulation of long-term experience, and rely on known vulnerability patterns, making it difficult to detect previously undiscovered vulnerabilities. In addition to the classic method, the method of applying machine learning as a supplementary vulnerability detection method has also made great progress. Although the vulnerability detection method based on machine learning avoids the problem that commonly used detection tools rely on experts to manually write detection rules, it still needs to manually extract vulnerabiliti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More