Open source software security vulnerability patch positioning method based on sorting

A positioning method and open source software technology, applied in the field of computer security, can solve the problems of ignoring vulnerability description and code semantic content, difficulty and time-consuming, poor model effect, etc., and achieve the effect of perfect feature selection, rich data set and excellent effect

Pending Publication Date: 2022-04-22
ZHEJIANG UNIV CITY COLLEGE
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Currently locating vulnerability patches mainly locates vulnerability patches by manually checking code submissions one by one, which is very difficult and time-consuming
Currently there is a technology that uses feature engineering to locate vulnerability patches. However, this method only extracts

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Open source software security vulnerability patch positioning method based on sorting
  • Open source software security vulnerability patch positioning method based on sorting
  • Open source software security vulnerability patch positioning method based on sorting

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0059] In order to facilitate those of ordinary skill in the art to understand and implement the present invention, the present invention will be further described in detail below in conjunction with the accompanying drawings and implementation examples. It should be understood that the described implementation examples are only used to illustrate and explain the present invention, and should not limit the scope of the present invention.

[0060] Such as figure 1 Shown, a sorting-based open source software security vulnerability patch location method, the method of the present invention comprises the following steps:

[0061] Step 1: Data collection. Its specific implementation includes the following sub-steps:

[0062] Step 1.1: Collect the matching relationship between vulnerabilities and code submissions, such as figure 2 shown. Use Python crawler technology to traverse all data pages of the Snyk vulnerability database, and obtain the vulnerability numbers and corresp...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a sorting-based open source software security vulnerability patch positioning method. The method specifically comprises the following steps: collecting vulnerability and code submission data from a website; extracting vulnerability and code submission similarity characteristics of four dimensions including code lines, vulnerability identities, vulnerability repair positions and segmented word bags by using a data mining and statistical analysis method; training a bug field text semantic coding module based on a Bert model, and extracting bug semantic features and code submission semantic features by using the semantic coding module; splicing the semantic features of the vulnerability and the semantic features of the code submission to form all features of the vulnerability and the code submission; model training; and carrying out model fusion by using a majority voting thought. According to the method, features can be extracted from vulnerabilities and code submission, a vulnerability patch submission sorting model is established, code submission in an open source software warehouse is sorted according to the matching degree with the vulnerabilities, and the number of submission codes needing to be checked by patch labeling personnel is effectively reduced.

Description

technical field [0001] The patent of the present invention relates to the technical field of computer security, in particular to a sorting-based method for locating security loophole patches of open source software. Background technique [0002] The XGBoost model and the LightGBM model are both gradient boosting trees, which can extract the relationship between independent variables and dependent variables from various features. The principle is to achieve the effect of a strong classifier by fusing multiple weak classifiers. Each time, the residual of the real value and the current predicted value is used as the training target of the next weak classifier, and iterated continuously to make the final model fit the data. The difference is that the tree structure in the XGBoost model is grown by layers, while the tree structure in the LightGBM model is grown by leaves, and leaves with greater splitting benefits are found each time. [0003] The Convolutional Neural Network (C...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57G06F21/56G06F40/289G06F40/30G06K9/62G06N3/04G06N3/08
CPCG06F21/577G06F21/572G06F21/563G06N3/084G06F40/30G06F40/289G06N3/045G06F18/25G06F18/259
Inventor 张芸吴明晖王世超鲍凌峰夏鑫
Owner ZHEJIANG UNIV CITY COLLEGE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products