Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Java vulnerability detection positioning method based on GGNN and hierarchical attention network

A technology for vulnerability detection and localization methods, applied in neural learning methods, error detection/correction, biological neural network models, etc., can solve problems such as increasing research complexity, inability to locate vulnerabilities quickly, and lack of high quality.

Pending Publication Date: 2022-03-25
国家电网有限公司客户服务中心 +1
View PDF0 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the current vulnerability detection method based on DL algorithm has achieved the effect that previous work did not have, it also faces many bottlenecks that need to be broken through, such as the inherent poor interpretability of DL models, the lack of high-quality data sets, how to effectively extract the abstract features of vulnerabilities, etc. difficult problem; although many studies claim that their datasets are collected in the real world, most studies do not disclose their datasets, and vulnerability datasets with strict granularity are lacking.
In addition, the research on vulnerability detection based on graph neural network will reduce the amount of data and increase the complexity of the research because the source code needs to be compiled to generate the graph structure; Poor explanatory ability, unable to quickly locate vulnerabilities

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Java vulnerability detection positioning method based on GGNN and hierarchical attention network
  • Java vulnerability detection positioning method based on GGNN and hierarchical attention network
  • Java vulnerability detection positioning method based on GGNN and hierarchical attention network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] The technical solution of the present invention will be described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0055] like figure 1 As shown, it is the overall flowchart of the Java vulnerability detection and location method based on GGNN and hierarchical attention network of the present invention. The process specifically includes the following steps:

[0056] Step 1. Construct a vulnerability dataset, detect and classify vulnerabilities based on machine learning (ML), and obtain a vulnerability dataset with clear granularity, considerable quantity, and excellent quality. The sources of the vulnerability data set in the present invention include Java Juliet Test data, public data sets collected by predecessors, and vulnerability data sets collected from github open source software. in:

[0057] ①The Java Juliet Test data of SARD is manually screened at the Method granularity, and the vulnerability data set at the Method ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a Java vulnerability detection and positioning method based on a GGNN and a hierarchical attention network. The method mainly comprises the steps of vulnerability data set construction, data set preprocessing, model design and training, and model testing and evaluation. Firstly, a data set used in the current field is summarized, and a self-made data set for subsequent model training is designed and collected; performing data preprocessing work on the data set to obtain a primary representation of a code and enabling the primary representation to serve as input of a subsequent model; training a self-defined vulnerability detection model by using the preprocessed data; and finally, the trained model can process a tested data set, and test evaluation is given. Compared with the prior art, the method has the advantages that vulnerability detection is carried out by using the graph neural network model of the DL algorithm (optimization algorithm), and the problems of lack of data sets, poor interpretability and difficulty in code graph structure generation of this kind of research are solved.

Description

technical field [0001] The invention relates to the technical field of software detection, in particular to a static detection method for Java vulnerabilities based on deep learning. Background technique [0002] With the rapid increase in the number of software and the widespread use of open source software OSS, the number of software vulnerabilities and the impact of vulnerabilities are also increasing and expanding. Software loopholes will pose a potential threat to the safe operation of computers, and bring huge economic losses and serious information leakage to people and society. The "Heartbleed" loophole that has appeared is a vivid example. An effective way to alleviate the problem of software vulnerabilities is to use various means to detect possible vulnerabilities as early as possible before the software is released. [0003] In recent years, with the breakthrough of machine learning research, many studies have tried to use machine learning technology to automati...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/36G06N3/04G06N3/08
CPCG06F11/3604G06N3/04G06N3/08
Inventor 刘旭生陈森徐斌李晓红闫国庆王俊杰
Owner 国家电网有限公司客户服务中心
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com