Unlock instant, AI-driven research and patent intelligence for your innovation.

Vulnerability location method, device, electronic equipment and storage medium

A positioning method and vulnerability technology, applied in the field of information security, can solve problems such as low efficiency, high false negative rate and false negative rate of code static analysis, coarse granularity, etc., and achieve the effect of improving efficiency

Active Publication Date: 2021-09-28
BEIJING UNIV OF POSTS & TELECOMM
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] The common method of software vulnerability location is code static analysis, but code static analysis has a high rate of false negatives and false positives, insufficient feature extraction, coarse granularity, and low efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability location method, device, electronic equipment and storage medium
  • Vulnerability location method, device, electronic equipment and storage medium
  • Vulnerability location method, device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] In order to make the objects, technical solutions, and advantages of the present disclosure, the present disclosure will be described in detail below with reference to the accompanying drawings.

[0029] It should be noted that the technical terms or scientific terms used in one or more embodiments of the present disclosure shall be understood by the people of the present disclosure, unless otherwise defined. The "first", "second" and similar words used in one or more embodiments are not used to represent any order, quantity, or importance, but only to distinguish different components. Similar words to "include" or "include", meaning that the elements or objects of the previously mentioned previously enumerated elements or objects that appear later in the word, without excluding other elements or objects.

[0030] Currently, the method and tools for precise vulnerability positioning for source code and more stays only in the primary stage. Static detection technology is cur...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

One or more embodiments of the present disclosure provide a vulnerability location method, device, electronic device and storage medium, including: in response to the input source code, generating an abstract syntax tree according to the source code; constructing a function according to the abstract syntax tree call relation graph and intra-procedural control flow graph; connect said function call relation graph and said intra-procedural control flow graph to generate an inter-procedural control flow graph; use a hybrid graph embedding algorithm to analyze said inter-procedural control flow graph to obtain a general feature vector; input the total feature vector into the pre-trained vulnerability location model to obtain the vulnerability location and vulnerability type of the source code; the specific code line where the vulnerability is located and the specific classification of the vulnerability can be accurately found, which greatly improves the Efficiency of vulnerability location.

Description

Technical field [0001] One or more embodiments of the present specification relate to information security technology, in particular, to a vulnerability positioning method, apparatus, electronic device, and storage medium. Background technique [0002] Software vulnerability positioning common method is code static analysis, but the code static analysis leakage rate and false positive rate are high, and the feature extraction is insufficient, the particle size is thick, and the efficiency is low. Inventive content [0003] In view of this, an object of one or more embodiments of the present disclosure is to propose a vulnerability positioning method, apparatus, electronic device, and storage medium. [0004] Based on the above object, one or more embodiments of the present disclosure provide a vulnerability positioning method, including: [0005] In response to input source code, an abstract syntax tree is generated according to the source code; [0006] According to the abstrac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06N3/02G06N3/04G06N3/08
CPCG06F21/577G06N3/084G06N3/02G06N3/048
Inventor 徐国爱王浩宇徐国胜程潇
Owner BEIJING UNIV OF POSTS & TELECOMM