Function-level code vulnerability detection method based on slice attribute graph representation learning

A vulnerability detection and attribute graph technology, applied in the field of vulnerability detection, can solve problems such as affecting model learning efficiency, high model false positive rate, complexity and bulk, and achieve the effect of avoiding adverse effects, improving coverage, and reducing complexity.

Active Publication Date: 2021-04-23
HARBIN INST OF TECH
View PDF8 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the code composite graph established with AST as the backbone is suitable for encoding complex program structure semantics, the graph structure is too complex and large when the function scale is large, which affects the learning efficiency of the model, and there are a large number of nodes and nodes that are not related to vulnerabilities in the

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Function-level code vulnerability detection method based on slice attribute graph representation learning
  • Function-level code vulnerability detection method based on slice attribute graph representation learning
  • Function-level code vulnerability detection method based on slice attribute graph representation learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0065] by Figure 5 Take the vulnerability code shown as an example to illustrate the generation of the slice attribute map and the result of vulnerability identification.

[0066] The source file is the test code with the test ID of 2081 in SARD. The position where the vulnerability statement is framed by a rectangle on line 13 is a buffer overflow vulnerability caused by the strcat function. Use the static analysis tool joern to parse the source file and generate a code property map, such as Image 6 shown. The code attribute graph contains 162 nodes and 290 edges. Extract data dependencies and control dependencies from the code attribute graph, and generate a program dependency graph for each function, such as Figure 7 shown.

[0067] Taking the vulnerability candidate key nodes as the slicing criterion, program slices are generated according to the program dependency graph. Using program slicing, the slice property graph is further generated from the program dependen...

Embodiment 2

[0070] by Figure 9 The vulnerability code shown is taken as an example to illustrate the functions of the newly added vulnerability candidate key points of the present invention and the corresponding vulnerability identification results.

[0071] The source file is part of the code of the matroska_parse_laces function in the real project FFmpeg. The vulnerability statement is in line 1804 of the source file, which is the position of the matrix box in the figure. The slice attribute map generated by the original four slice criteria cannot cover the vulnerability statement, but the newly added slice criterion of the present invention can cover it, and the generated slice attribute map is as follows Figure 10 shown.

[0072] Similarly, this slice attribute map is fed into the relational graph convolutional neural network with a double attention mechanism, and the vector representation of the splicing of the whole image and the sub-image is obtained, and then passed into the cl...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a function-level code vulnerability detection method based on slice attribute graph representation learning, and the method comprises the steps: firstly introducing a new slice criterion, proposing the concept of a slice attribute graph, and generating a slice attribute graph of a code based on the slice criterion and a program slice technology; extracting graph structure information, node attribute information and code context information which have a dependency relationship with the vulnerability candidate key points; then, performing representation learning on the slice attribute graph by utilizing a relation graph convolutional neural network and combining a dual attention mechanism based on nodes and sub-graphs so as to learn a more comprehensive and accurate vulnerability mode; and finally, fusing the vulnerability identification results of the slice attribute graphs to realize function-level vulnerability detection, and determining a set of vulnerability candidate statements and grammatical elements associated with vulnerabilities. More vulnerability candidate key points can be covered, structures, attributes and context information related to vulnerabilities are fully learned and expressed, and the vulnerability detection accuracy is improved.

Description

technical field [0001] The invention relates to a loophole detection method, in particular to a function-level code loophole detection method based on slice attribute graph representation learning. Background technique [0002] Software vulnerability detection is an important and challenging problem in information security. Traditional detection methods and detection tools depend to a large extent on the reviewers' understanding of security issues and the accumulation of long-term experience, and rely on known vulnerability patterns, making it difficult to detect previously undiscovered vulnerabilities. In addition to the classic method, the method of applying machine learning as a supplementary vulnerability detection method has also made great progress. Although the vulnerability detection method based on machine learning avoids the problem that commonly used detection tools rely on experts to manually write detection rules, it still needs to manually extract vulnerabiliti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57G06F21/56
CPCG06F21/577G06F21/563G06F2221/033
Inventor 苏小红郑伟宁蒋远魏宏巍王甜甜赵玲玲
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap