CN111338692A - Vulnerability classification method and device based on vulnerability codes and electronic equipment - Google Patents


Info

Publication number: CN111338692A
Application number: CN201811550878.7A
Authority: CN (China)
Prior art keywords: vulnerability, codes, code, information, classification
Legal status: Granted (the legal status shown by Google Patents is an assumption, not a legal conclusion; Google has not performed a legal analysis)
Other languages: Chinese (zh)
Other versions: CN111338692B (en)
Inventors: 黄威, 李雪, 张娜, 蔡学文, 王晓敏
Current assignee: Beijing Qihoo Technology Co Ltd (the listed assignees may be inaccurate; Google has not performed a legal analysis)
Original assignee: Beijing Qihoo Technology Co Ltd
Priority date, filing date and publication date: not listed on this page (the priority date shown by Google Patents is an assumption, not a legal conclusion)

Events:
    • Application filed by Beijing Qihoo Technology Co Ltd
    • Priority to CN201811550878.7A
    • Publication of CN111338692A
    • Application granted
    • Publication of CN111338692B
    • Legal status: Active
    • Anticipated expiration: not listed on this page

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 8/00 Arrangements for software engineering
    • G06F 8/70 Software maintenance or management
    • G06F 8/73 Program documentation

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/577 Assessing vulnerabilities and evaluating computer system security

Abstract

The application provides a vulnerability classification method and device based on vulnerability codes, and an electronic device, applied in the technical field of text classification. The method comprises: acquiring vulnerability code to be classified together with related information about that code; and identifying and analyzing the acquired vulnerability code and related information with a pre-trained neural network model to obtain vulnerability classification result information for the vulnerability code. That is, the vulnerability code is classified by the pre-trained neural network model on the basis of the code and its related information, so that the classification of vulnerability code is automated and its efficiency improved. In addition, even when the amount of vulnerability code is large, no additional staff are needed to classify it, so the labor cost of vulnerability code classification is reduced.

Description

Vulnerability classification method and device based on vulnerability codes and electronic equipment
Technical Field
The application relates to the technical field of text classification, in particular to a vulnerability classification method and device based on vulnerability codes and electronic equipment.
Background
In software project development, such as APP (mobile phone application) development, a large amount of code is usually written, and even highly skilled engineers write code containing vulnerabilities. Classifying the vulnerabilities in the written code therefore becomes a key problem, since subsequent targeted handling depends on the vulnerability type of the code.
At present, vulnerability code is classified manually: the responsible staff judge and analyze each discovered piece of vulnerability code one by one, and then determine its type from the result of that analysis. With this existing manual classification, the type to which a given piece of vulnerability code belongs can only be determined by staff with professional knowledge analyzing the code piece by piece, which is very inefficient. The existing manual classification of vulnerability code therefore suffers from low classification efficiency and high labor cost.
Disclosure of Invention
The application provides a vulnerability classification method and device based on vulnerability codes, and an electronic device, which are used to improve the classification efficiency of vulnerability code and reduce labor cost. The technical scheme adopted by the application is as follows:
In a first aspect, a vulnerability classification method based on vulnerability codes is provided, the method comprising:
acquiring vulnerability code to be classified and related information about the vulnerability code to be classified; and
identifying and analyzing the acquired vulnerability code to be classified and its related information with a pre-trained neural network model to obtain vulnerability classification result information for the vulnerability code.
Further, identifying and analyzing the acquired vulnerability code to be classified and its related information with the pre-trained neural network model to obtain the vulnerability classification result information of the vulnerability code to be classified comprises:
determining an initial vector representation of the acquired vulnerability code and related information;
extracting features from the determined initial vector representation through a feature extraction network of the pre-trained neural network model to obtain a feature vector representation of the vulnerability code and related information; and
inputting the feature vector representation into a classification network of the pre-trained neural network to obtain the vulnerability classification result information of the vulnerability code to be classified.
Further, the related information of the vulnerability code to be classified comprises at least one of the following: code repository information; project-related information;
wherein the code repository information comprises at least one of:
a code storage address; code version information;
and the project-related information comprises at least one of the following:
a file name; a file path; a project name; group information; responsible person information.
Further, the vulnerability classification result information includes the vulnerability type of the vulnerability code, and the vulnerability type includes at least one of the following:
a redundant duplicate-code vulnerability; a false-positive vulnerability; a useless-code vulnerability.
Further, the method further comprises: pushing corresponding processing suggestion information according to the vulnerability classification result information.
Further, pushing corresponding processing suggestion information according to the vulnerability classification result information comprises:
if the vulnerability type of the vulnerability code is a redundant duplicate-code vulnerability, pushing a suggestion to delete the redundant code and replace it with code from the common code library;
if the vulnerability type of the vulnerability code is a false-positive vulnerability, pushing a suggestion to add the vulnerability code to a whitelist and modify the code vulnerability detection rule; and
if the vulnerability type of the vulnerability code is a useless-code vulnerability, pushing a suggestion to delete the useless code.
In a second aspect, a vulnerability classification apparatus based on vulnerability codes is provided, the apparatus including:
an acquisition module, configured to acquire vulnerability code to be classified and related information about the vulnerability code to be classified; and
an identification module, configured to identify and analyze the vulnerability code to be classified and related information acquired by the acquisition module with the pre-trained neural network model to obtain vulnerability classification result information for the vulnerability code.
Further, the identification module comprises a first determination unit, a feature extraction unit and a classification unit;
the first determination unit is configured to determine the initial vector representation of the acquired vulnerability code and related information;
the feature extraction unit is configured to extract features from the initial vector representation determined by the first determination unit through a feature extraction network of the pre-trained neural network model to obtain a feature vector representation of the vulnerability code and related information; and
the classification unit is configured to input the feature vector representation obtained by the feature extraction unit into a classification network of the pre-trained neural network to obtain vulnerability classification result information of the vulnerability code to be classified.
Further, the related information of the vulnerability code to be classified comprises at least one of the following: code repository information; project-related information;
wherein the code repository information comprises at least one of:
a code storage address; code version information;
and the project-related information comprises at least one of the following:
a file name; a file path; a project name; group information; responsible person information.
Further, the vulnerability classification result information includes the vulnerability type of the vulnerability code, and the vulnerability type includes at least one of the following:
a redundant duplicate-code vulnerability; a false-positive vulnerability; a useless-code vulnerability.
Further, the apparatus further comprises a pushing module;
the pushing module is configured to push corresponding processing suggestion information according to the vulnerability classification result information.
Further, the pushing module is configured to push a suggestion to delete the redundant code and replace it with code from the common code library if the vulnerability type of the vulnerability code is a redundant duplicate-code vulnerability;
and/or to push a suggestion to add the vulnerability code to a whitelist and modify the code vulnerability detection rule if the vulnerability type of the vulnerability code is a false-positive vulnerability;
and/or to push a suggestion to delete the useless code if the vulnerability type of the vulnerability code is a useless-code vulnerability.
In a third aspect, an electronic device is provided, which includes:
one or more processors;
a memory; and
one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs being configured to execute the vulnerability classification method based on vulnerability codes described above.
In a fourth aspect, a computer-readable storage medium is provided for storing computer instructions which, when executed on a computer, cause the computer to execute the vulnerability classification method based on vulnerability codes of the first aspect.
Compared with the prior art, in which vulnerability code is classified manually, the vulnerability classification method, apparatus and electronic device based on vulnerability codes acquire vulnerability code to be classified and related information about it, and then identify and analyze the acquired code and related information with a pre-trained neural network model to obtain vulnerability classification result information for the vulnerability code. That is, the vulnerability code is classified by the pre-trained neural network model on the basis of the code and its related information, so that the classification of vulnerability code is automated and its efficiency improved. In addition, even when the amount of vulnerability code is large, no additional staff are needed to classify it, so the labor cost of vulnerability code classification is reduced.
Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a schematic flowchart of a vulnerability classification method based on vulnerability codes according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a vulnerability classification apparatus based on vulnerability codes according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of another vulnerability classification apparatus based on vulnerability codes according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
The embodiment of the present application provides a vulnerability classification method based on vulnerability codes, as shown in fig. 1. The method includes:
step S101, acquiring vulnerability code to be classified and related information about the vulnerability code to be classified;
specifically, the vulnerability code to be classified and its related information are acquired by a corresponding acquisition method, where the vulnerability code to be classified may be code that the relevant testers have identified as vulnerable while testing the project code.
Step S102, identifying and analyzing the acquired vulnerability code to be classified and related information with a pre-trained neural network model to obtain vulnerability classification result information for the vulnerability code.
Specifically, the acquired vulnerability code to be classified and its related information are input into the pre-trained neural network model, which identifies and analyzes them to obtain the vulnerability classification result information of the vulnerability code.
The pre-trained neural network model may be a neural network based on an RNN (Recurrent Neural Network) or an LSTM (Long Short-Term Memory) network. It may be obtained by training on a number of pieces of vulnerability code and their related information, with the vulnerability code types labelled manually or by other means.
Compared with the prior art, in which vulnerability code is classified manually, the vulnerability classification method based on vulnerability codes obtains the vulnerability classification result information of the vulnerability code by classifying it with the pre-trained neural network model on the basis of the code and its related information. The classification of vulnerability code is thus automated and its efficiency improved; in addition, even when the amount of vulnerability code is large, no additional staff are needed to classify it, so the labor cost of vulnerability code classification is reduced.
The embodiment of the present application provides a possible implementation in which step S102 specifically includes:
step S1021 (not shown in the figure), determining an initial vector representation of the acquired vulnerability code and related information;
specifically, the initial vector representation of the vulnerability code and its related information may be obtained by a word embedding method, which may be the word embedding layer of the pre-trained neural network. The acquired vulnerability code and related information may first be preprocessed: for example, they may be tokenized by a Western-language or Chinese text segmentation method, and the resulting tokens may be passed through a stop-word removal step that strips common Chinese and Western stop words, such as "a, an, and, are, the" in Western languages and "的", "地" and "也" in Chinese.
Step S1022 (not shown in the figure), extracting features from the determined initial vector representation through a feature extraction network of the pre-trained neural network model to obtain a feature vector representation of the vulnerability code and related information;
specifically, feature extraction may be performed on the determined initial vector representation by the convolution layer of the pre-trained neural network model, giving the feature vector representation of the vulnerability code and its related information.
Step S1023 (not shown in the figure), inputting the feature vector representation into the classification network of the pre-trained neural network to obtain vulnerability classification result information of the vulnerability code to be classified.
Specifically, the feature vector representation is input into a classification network of the pre-trained neural network model, such as a softmax-based layer, to obtain the vulnerability classification result information of the vulnerability code to be classified. The vulnerability classification result information may be the probability values of the vulnerability code belonging to each vulnerability type, or it may be a single determined vulnerability type, which in turn may be determined from those probability values.
According to the vulnerability classification method and apparatus, the initial vector representation of the vulnerability code to be classified and its related information is determined, features are extracted from the initial vector representation to obtain the feature vector representation, and the vulnerability classification result information of the vulnerability code to be classified is then determined by the classification network of the pre-trained neural network model. The vulnerability code to be classified is thereby classified automatically, and the classification efficiency of vulnerability code is improved.
The related information of the vulnerability code to be classified comprises at least one of the following: code repository information; project-related information;
wherein the code repository information comprises at least one of:
a code storage address; code version information;
and the project-related information comprises at least one of the following:
a file name; a file path; a project name; group information; responsible person information.
The related information of the vulnerability code to be classified includes but is not limited to code repository information and project-related information, where the code repository information includes but is not limited to the code storage address and code version information, and the project-related information includes but is not limited to the file name, file path, project name, group information and responsible person information.
For the embodiment of the application, the relevant information of the vulnerability codes to be classified comprises a plurality of pieces of information with different dimensions, so that a foundation is provided for obtaining more semantic information of the vulnerability codes to be classified, and the vulnerability classification accuracy of the vulnerability codes can be improved.
The vulnerability classification result information comprises the vulnerability type of the vulnerability code, and the vulnerability type comprises at least one of the following:
a redundant duplicate-code vulnerability; a false-positive vulnerability; a useless-code vulnerability.
The vulnerability classification result information includes but is not limited to the vulnerability type of the vulnerability code, where the vulnerability types include but are not limited to redundant duplicate-code vulnerabilities, false-positive vulnerabilities and useless-code vulnerabilities.
For the embodiment of the application, the vulnerability types of the vulnerability codes are various, and the fine classification of the vulnerability codes provides a basis for correspondingly processing the vulnerability codes in a subsequent pertinence manner, so that the code quality is improved.
The embodiment of the present application provides a possible implementation in which the method further includes:
step S103 (not shown in the figure), pushing corresponding processing suggestion information according to the vulnerability classification result information.
Specifically, different processing suggestion information may be pushed according to the vulnerability classification result information obtained.
According to the embodiment of the application, corresponding processing suggestion information is pushed for each different vulnerability classification result, so that different vulnerability types receive targeted handling and the vulnerability in the corresponding vulnerability code is resolved more efficiently.
The embodiment of the present application provides a possible implementation in which step S103 specifically includes:
step S1031 (not shown in the figure), if the vulnerability type of the vulnerability code is a redundant duplicate-code vulnerability, pushing a suggestion to delete the redundant code and replace it with code from the common code library;
step S1032 (not shown in the figure), if the vulnerability type of the vulnerability code is a false-positive vulnerability, pushing a suggestion to add the vulnerability code to a whitelist and modify the code vulnerability detection rule;
step S1033 (not shown in the figure), if the vulnerability type of the vulnerability code is a useless-code vulnerability, pushing a suggestion to delete the useless code.
For the embodiment of the application, if the vulnerability type of the vulnerability code is a redundant duplicate-code vulnerability, a suggestion to delete the redundant code and replace it with code from the common code library is pushed, which reduces the redundancy rate of the project code; if the vulnerability type is a false-positive vulnerability, a suggestion to add the vulnerability code to a whitelist and modify the code vulnerability detection rule is pushed, which prevents the corresponding code from being detected as vulnerability code again; and if the vulnerability type is a useless-code vulnerability, a suggestion to delete the useless code is pushed, which reduces the storage space taken by the project code.
For the embodiment of the application, pushing the corresponding suggestion for each vulnerability type improves the efficiency with which the vulnerability in the corresponding vulnerability code is resolved.
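The pipeline of steps S1021 to S1023 and the suggestion push of step S103, as an added Python illustration that is not part of the patent or of any Qihoo implementation: tokenization with stop-word removal, vocabulary encoding, a toy convolution-plus-max-pool feature extractor, softmax classification over the three vulnerability types, and the type-to-suggestion mapping. The field names, stop-word list, seeded placeholder weights and sample snippet are constructed assumptions.

```python
import math
import random
import re

# The three vulnerability types named in the patent, in fixed output order,
# and the processing suggestion pushed for each one (step S103).
TYPES = ("redundant_duplicate", "false_positive", "useless_code")
SUGGESTIONS = {
    "redundant_duplicate": "Delete the redundant code and replace it with the common code library version.",
    "false_positive": "Add the code to the whitelist and revise the detection rule that flagged it.",
    "useless_code": "Delete the useless code.",
}
# Related-information fields listed in the patent (the key names are assumptions).
FIELDS = ("storage_address", "version", "file_name", "file_path",
          "project_name", "group", "responsible_person")
# Stop words quoted by the patent; a production list would be much longer.
STOPWORDS = {"a", "an", "and", "are", "the", "的", "地", "也"}
# Identifiers, numbers, single CJK characters, or single punctuation/operator characters.
TOKEN_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*|\d+|[\u4e00-\u9fff]|[^\sA-Za-z0-9_\u4e00-\u9fff]")


def tokenize(text):
    """Segment mixed code, Chinese and Western text, then drop stop words (S1021 preprocessing)."""
    toks = (t.lower() if t.isascii() else t for t in TOKEN_RE.findall(text))
    return [t for t in toks if t not in STOPWORDS]


def build_tokens(code, info):
    """Concatenate code tokens with each related-information field, introduced by a tag token."""
    tokens = tokenize(code)
    for field in FIELDS:
        if field in info:
            tokens.append("<" + field + ">")
            tokens.extend(tokenize(str(info[field])))
    return tokens


def build_vocab(token_lists):
    vocab = {"<pad>": 0, "<unk>": 1}  # 0 pads, 1 marks tokens unseen in training
    for tokens in token_lists:
        for tok in tokens:
            vocab.setdefault(tok, len(vocab))
    return vocab


def encode(tokens, vocab, min_len=2):
    """Initial vector representation: token ids, padded so a convolution window of 2 fits."""
    ids = [vocab.get(tok, 1) for tok in tokens]
    return ids + [0] * max(0, min_len - len(ids))


class TextCnn:
    """Embedding -> 1-D convolution (window 2) -> ReLU -> max-pool -> dense -> softmax.
    Weights are seeded random placeholders so the example is deterministic; a deployed
    model would load weights learned from manually labelled vulnerability code."""

    def __init__(self, vocab_size, dim=8, n_filters=4, window=2, seed=7):
        rng = random.Random(seed)

        def u():
            return rng.uniform(-0.5, 0.5)
        self.window, self.dim = window, dim
        self.emb = [[u() for _ in range(dim)] for _ in range(vocab_size)]
        self.filters = [[[u() for _ in range(dim)] for _ in range(window)] for _ in range(n_filters)]
        self.dense = [[u() for _ in range(n_filters)] for _ in TYPES]
        self.bias = [u() for _ in TYPES]

    def features(self, ids):
        """Feature vector representation (S1022): one max-pooled ReLU activation per filter."""
        vecs = [self.emb[i] for i in ids]
        feats = []
        for filt in self.filters:
            best = 0.0  # ReLU floor, then max over every window position
            for pos in range(len(vecs) - self.window + 1):
                best = max(best, sum(filt[k][j] * vecs[pos + k][j]
                                     for k in range(self.window) for j in range(self.dim)))
            feats.append(best)
        return feats

    def classify(self, ids):
        """Classification network (S1023): softmax probability for each vulnerability type."""
        feats = self.features(ids)
        logits = [sum(w * x for w, x in zip(row, feats)) + b for row, b in zip(self.dense, self.bias)]
        peak = max(logits)  # subtract the max for numerical stability
        exps = [math.exp(l - peak) for l in logits]
        return {t: e / sum(exps) for t, e in zip(TYPES, exps)}


def classify_and_suggest(model, vocab, code, info):
    """Full pipeline: returns (probabilities, chosen type, suggestion to push)."""
    probs = model.classify(encode(build_tokens(code, info), vocab))
    chosen = max(probs, key=probs.get)
    return probs, chosen, SUGGESTIONS[chosen]


# Constructed sample: one flagged snippet with its repository and project information.
SAMPLE_CODE = "int checkSum(int a, int b) { return a + b; } // 计算校验和的函数"
SAMPLE_INFO = {"storage_address": "git.example.invalid/app/core", "version": "v1.4.2",
               "file_name": "checksum.c", "file_path": "src/util/checksum.c",
               "project_name": "demo-app", "group": "payments", "responsible_person": "dev-01"}
VOCAB = build_vocab([build_tokens(SAMPLE_CODE, SAMPLE_INFO)])
MODEL = TextCnn(len(VOCAB))
```

Note that the patent's Western stop-word list also strips the identifier `a` from the sample C code, a caveat worth weighing when text-classification preprocessing is reused on source code.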
Fig. 2 shows a vulnerability classification apparatus based on vulnerability codes according to an embodiment of the present application, where the apparatus 20 includes an acquisition module 201 and an identification module 202;
the acquisition module 201 is configured to acquire vulnerability code to be classified and related information about the vulnerability code to be classified; and
the identification module 202 is configured to identify and analyze the vulnerability code to be classified and related information acquired by the acquisition module with the pre-trained neural network model to obtain vulnerability classification result information for the vulnerability code.
The embodiment of the application provides a vulnerability classification apparatus based on vulnerability codes. Compared with the prior art, in which vulnerability code is classified manually, the apparatus acquires the vulnerability code to be classified and its related information, and then identifies and analyzes them with a pre-trained neural network model to obtain the vulnerability classification result information of the vulnerability code. That is, the vulnerability code is classified by the pre-trained neural network model on the basis of the code and its related information, so that the classification of vulnerability code is automated and its efficiency improved. In addition, even when the amount of vulnerability code is large, no additional staff are needed to classify it, so the labor cost of vulnerability code classification is reduced.
The vulnerability classification device based on the vulnerability codes can execute the vulnerability classification method based on the vulnerability codes provided in the embodiments of the present application, and the implementation principles are similar, and are not described herein again.
An embodiment of the present application provides another vulnerability classification apparatus based on vulnerability codes, as shown in fig. 3. The apparatus 30 of this embodiment includes an acquisition module 301 and an identification module 302;
the acquisition module 301 is configured to acquire vulnerability code to be classified and related information about the vulnerability code to be classified;
the acquisition module 301 in fig. 3 has the same or a similar function as the acquisition module 201 in fig. 2;
the identification module 302 is configured to identify and analyze the vulnerability code to be classified and related information acquired by the acquisition module with the pre-trained neural network model to obtain vulnerability classification result information for the vulnerability code;
the identification module 302 in fig. 3 has the same or a similar function as the identification module 202 in fig. 2.
The embodiment of the present application provides a possible implementation in which, specifically,
the identification module 302 includes a first determination unit 3021, a feature extraction unit 3022 and a classification unit 3023;
the first determination unit 3021 is configured to determine an initial vector representation of the acquired vulnerability code and related information;
the feature extraction unit 3022 is configured to extract features from the initial vector representation determined by the first determination unit 3021 through a feature extraction network of the pre-trained neural network model to obtain a feature vector representation of the vulnerability code and related information; and
the classification unit 3023 is configured to input the feature vector representation extracted by the feature extraction unit 3022 into a classification network of the pre-trained neural network to obtain vulnerability classification result information of the vulnerability code to be classified.
According to the vulnerability classification method and apparatus, the initial vector representation of the vulnerability code to be classified and its related information is determined, features are extracted from the initial vector representation to obtain the feature vector representation, and the vulnerability classification result information of the vulnerability code to be classified is then determined by the classification network of the pre-trained neural network model. The vulnerability code to be classified is thereby classified automatically, and the classification efficiency of vulnerability code is improved.
The related information of the vulnerability codes to be classified comprises at least one of the following items: code repository information; project-related information;
wherein the code repository information comprises at least one of:
a code storage address; code version information;
and the project-related information includes at least the following:
a file name; a file path; a project name; group information; responsible person information.
For the embodiment of the application, the related information of the vulnerability codes to be classified comprises information of several different dimensions, which provides a basis for obtaining more semantic information about the vulnerability codes to be classified and can improve the accuracy of vulnerability classification.
The vulnerability classification result information comprises the vulnerability types of the vulnerability codes, and the vulnerability types comprise at least one of the following items:
a redundant repeated vulnerability; a false-alarm vulnerability; a useless code vulnerability.
For the embodiment of the application, the vulnerability types of the vulnerability codes are varied, and the fine-grained classification of the vulnerability codes provides a basis for subsequently processing each vulnerability type in a targeted manner, so that the code quality is improved.
The embodiment of the present application provides a possible implementation manner, and further, the apparatus further includes a pushing module 303;
and the pushing module 303 is configured to push corresponding processing suggestion information according to the vulnerability classification result information.
The embodiment of the present application provides a possible implementation manner; specifically, the pushing module 303 is configured to, if the vulnerability type of a vulnerability code is a redundant repeated vulnerability, push suggestion information for deleting the redundant code and replacing it with code from the common code base;
and/or, if the vulnerability type of the vulnerability code is a false-alarm vulnerability, push suggestion information for adding the vulnerability code to a white list and modifying the code vulnerability detection rule;
and/or, if the vulnerability type of the vulnerability code is a useless code vulnerability, push suggestion information for deleting the useless code.
According to the embodiment of the application, corresponding processing suggestion information is respectively pushed according to different vulnerability classification result information, so that the targeted processing of different vulnerability types is realized, and the efficiency of solving the vulnerability problem of corresponding vulnerability codes is improved.
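The recognition-module pipeline (initial vector representation, feature extraction network, classification network) and the pushing module's per-type suggestions, carried through end to end as an added example that is not code from the patent or from the applicant. The feature-hashing scheme, the layer sizes, the field names of RelatedInfo and the deterministically constructed weights are all assumptions; in the patent's setting the weights would be loaded from the pre-trained model.

```python
import hashlib
import math
import random
import re
from dataclasses import dataclass

# The three vulnerability types named in the patent; output-index order is assumed.
VULN_TYPES = ("redundant_duplicate", "false_positive", "dead_code")
DIM, HIDDEN = 64, 16  # hashed input width and hidden width (assumed sizes)


@dataclass
class RelatedInfo:
    """Related information of the code to be classified (the patent's field list)."""
    code_storage_address: str
    code_version: str
    file_name: str
    file_path: str
    project_name: str
    group: str
    owner: str


def _bucket(token: str) -> int:
    """Stable feature-hashing bucket for one token."""
    return int.from_bytes(hashlib.sha256(token.encode()).digest()[:4], "big") % DIM


def initial_vector(code: str, info: RelatedInfo) -> list:
    """Initial vector representation: hashed bag of code tokens plus metadata, L2-normalised."""
    vec = [0.0] * DIM
    for tok in re.findall(r"[A-Za-z_]\w*|\d+|\S", code):
        vec[_bucket("code:" + tok)] += 1.0
    for field, value in vars(info).items():
        vec[_bucket(f"{field}={value}")] += 1.0
    for part in info.file_path.split("/"):  # directory names carry signal (vendor/, test/)
        if part:
            vec[_bucket("dir:" + part)] += 1.0
    norm = math.sqrt(sum(v * v for v in vec)) or 1.0
    return [v / norm for v in vec]


def constructed_weights(seed: int = 7):
    """Deterministic stand-in for the pre-trained weights (constructed here, not trained)."""
    rng = random.Random(seed)
    w1 = [[rng.uniform(-0.5, 0.5) for _ in range(DIM)] for _ in range(HIDDEN)]
    w2 = [[rng.uniform(-0.5, 0.5) for _ in range(HIDDEN)] for _ in VULN_TYPES]
    return w1, w2


def feature_extraction(x: list, w1) -> list:
    """Feature extraction network: one dense layer with ReLU."""
    return [max(0.0, sum(w * xi for w, xi in zip(row, x))) for row in w1]


def classify(features: list, w2) -> dict:
    """Classification network: dense layer plus softmax over VULN_TYPES."""
    logits = [sum(w * f for w, f in zip(row, features)) for row in w2]
    m = max(logits)
    exps = [math.exp(v - m) for v in logits]
    return {t: e / sum(exps) for t, e in zip(VULN_TYPES, exps)}


def processing_suggestion(vuln_type: str, code: str, info: RelatedInfo) -> dict:
    """Pushing module: turn a classification result into processing suggestion information."""
    if vuln_type == "redundant_duplicate":
        return {"action": "delete_redundant_code", "replace_with": "common code base",
                "file": info.file_path, "owner": info.owner}
    if vuln_type == "false_positive":
        # Pin the whitelist entry to repo, version, path and code hash so that it cannot
        # silently cover a later, different change at the same path.
        entry = {"repo": info.code_storage_address, "version": info.code_version,
                 "path": info.file_path, "code_sha256": hashlib.sha256(code.encode()).hexdigest()}
        return {"action": "add_to_whitelist_and_fix_rule", "whitelist_entry": entry, "owner": info.owner}
    if vuln_type == "dead_code":
        return {"action": "delete_dead_code", "file": info.file_path, "owner": info.owner}
    raise ValueError(f"unknown vulnerability type: {vuln_type}")


def classify_and_suggest(code: str, info: RelatedInfo, weights=None) -> dict:
    """The full pipeline: initial vector -> feature extraction -> classification -> suggestion."""
    w1, w2 = weights or constructed_weights()
    probs = classify(feature_extraction(initial_vector(code, info), w1), w2)
    vuln_type = max(probs, key=probs.get)
    return {"probabilities": probs, "vuln_type": vuln_type,
            "suggestion": processing_suggestion(vuln_type, code, info)}


if __name__ == "__main__":  # constructed sample input
    sample = RelatedInfo("https://git.example.internal/app.git", "v1.2.3", "util.c",
                         "src/vendor/util.c", "app", "platform", "owner@example.internal")
    print(classify_and_suggest("char buf[32]; strcpy(buf, src);", sample))
```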
The embodiment of the application provides a vulnerability classification device based on vulnerability codes. Compared with the prior art, in which vulnerability codes are classified manually, the device obtains the vulnerability codes to be classified and their related information and then identifies and analyzes them based on a pre-trained neural network model to obtain the vulnerability classification result information; that is, the vulnerability codes are classified by the pre-trained neural network model on the basis of the vulnerability codes and their related information. This realizes automatic classification of the vulnerability codes and improves the classification efficiency; in addition, even when the number of vulnerability codes is large, no additional workers are needed to classify them, so the labor cost of vulnerability code classification is reduced.
The vulnerability classification device based on the vulnerability codes can execute the vulnerability classification method based on the vulnerability codes provided in the embodiments of the present application, and the implementation principles are similar, and are not described herein again.
An embodiment of the present application provides an electronic device. As shown in fig. 4, the electronic device 40 includes a processor 4001 and a memory 4003. The processor 4001 is coupled to the memory 4003, for example via a bus 4002. The electronic device 40 may further include a transceiver 4004. In practical applications the transceiver 4004 is not limited to one, and the structure of the electronic device 40 does not limit the embodiment of the present application.
The processor 4001 is applied in the embodiment of the present application, and is configured to implement the functions of the obtaining module and the identifying module shown in fig. 2 or fig. 3, and to implement the function of the pushing module shown in fig. 3. The transceiver 4004 includes a receiver and a transmitter.
The processor 4001 may be a CPU, a general purpose processor, a DSP, an ASIC, an FPGA or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. It may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 4001 may also be a combination that performs a computational function, for example a combination of one or more microprocessors, or a combination of a DSP and a microprocessor.
Bus 4002 may include a path that carries information between the aforementioned components. Bus 4002 may be a PCI bus, EISA bus, or the like. The bus 4002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 4, but this does not indicate only one bus or one type of bus.
Memory 4003 may be, but is not limited to, a ROM or other type of static storage device that can store static information and instructions, a RAM or other type of dynamic storage device that can store information and instructions, an EEPROM, a CD-ROM or other optical disk storage, an optical disk storage (including compact disk, laser disk, optical disk, digital versatile disk, blu-ray disk, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
The memory 4003 is used for storing application codes for executing the scheme of the present application, and the execution is controlled by the processor 4001. The processor 4001 is configured to execute application program codes stored in the memory 4003 to implement the functions of the vulnerability classification apparatus based on vulnerability codes provided by the embodiment shown in fig. 2 or fig. 3.
The embodiment of the application provides an electronic device suitable for the method embodiment, which is not described in detail again here.
The embodiment of the application provides electronic equipment. Compared with the prior art, in which vulnerability codes are classified manually, the embodiment obtains the vulnerability codes to be classified and their related information and then identifies and analyzes them based on a pre-trained neural network model to obtain the vulnerability classification result information; that is, the vulnerability codes are classified by the pre-trained neural network model on the basis of the vulnerability codes and their related information. This realizes automatic classification of the vulnerability codes and improves the classification efficiency; in addition, even when the number of vulnerability codes is large, no additional workers are needed to classify them, so the labor cost of vulnerability code classification is reduced.
The present application provides a computer-readable storage medium, on which a computer program is stored, and when the program is executed by a processor, the method shown in the above embodiments is implemented.
Embodiments of the present application provide a computer-readable storage medium. Compared with the prior art, in which vulnerability codes are classified manually, the vulnerability classification method based on vulnerability codes obtains the vulnerability classification result information of the vulnerability codes; that is, the vulnerability codes are classified by the pre-trained neural network model on the basis of the vulnerability codes and their related information. This realizes automatic classification of the vulnerability codes and improves the classification efficiency; in addition, even when the number of vulnerability codes is large, no additional workers are needed to classify them, so the labor cost of vulnerability code classification is reduced.
The embodiment of the application provides a computer-readable storage medium suitable for the method embodiment, which is not described in detail again here.
It should be understood that, although the steps in the flowcharts of the figures are shown in the order indicated by the arrows, they are not necessarily performed in that order. Unless explicitly stated herein, the steps are not limited to the exact order shown and may be performed in other orders. Moreover, at least some of the steps in the flowcharts may include multiple sub-steps or stages, which need not be performed at the same time but may be performed at different times, and need not be performed in sequence but may be performed alternately or in turn with other steps or with at least some of the sub-steps or stages of other steps.
The foregoing is only a partial embodiment of the present application. It should be noted that those skilled in the art can make various modifications and improvements without departing from the principle of the present application, and these modifications and improvements should also be regarded as falling within the protection scope of the present application.

Claims (10)

1. A vulnerability classification method based on vulnerability codes is characterized by comprising the following steps:
acquiring vulnerability codes to be classified and related information of the vulnerability codes to be classified;
and identifying and analyzing the acquired vulnerability codes to be classified and the related information based on a pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes.
2. The method according to claim 1, wherein the identifying and analyzing the acquired vulnerability codes to be classified and the related information based on the pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes to be classified comprises:
determining initial vector representation of the acquired vulnerability codes and the related information;
extracting features based on the determined initial vector characterization through a feature extraction network of the pre-trained neural network model to obtain feature vector characterization of the vulnerability codes and the related information;
and inputting the characteristic vector representation to the classification network of the pre-trained neural network to obtain vulnerability classification result information of the vulnerability codes to be classified.
3. The method of claim 1, wherein the information related to the vulnerability code to be classified comprises at least one of: code repository information; project related information;
wherein the code repository information comprises at least one of:
a code storage address; code version information;
and the project-related information includes at least the following:
a file name; a file path; a project name; group information; responsible person information.
4. The method of claim 1, wherein the vulnerability classification result information comprises vulnerability types of vulnerability codes, and wherein the vulnerability types include at least one of:
a redundant repeated vulnerability; a false-alarm vulnerability; a useless code vulnerability.
5. The method according to any one of claims 1-4, characterized in that the method further comprises:
and pushing corresponding processing suggestion information according to the vulnerability classification result information.
6. The method according to claim 5, wherein the pushing corresponding processing suggestion information according to the vulnerability classification result information comprises:
if the vulnerability type of the vulnerability code is a redundant repeated vulnerability, pushing suggestion information for deleting the redundant code and replacing the redundant code by using a common code base code;
if the vulnerability type of the vulnerability code is a false-alarm vulnerability, pushing suggestion information for adding the vulnerability code into a white list and modifying a code vulnerability detection rule;
and if the vulnerability type of the vulnerability code is a useless code vulnerability, pushing recommendation information for deleting the useless code.
7. A vulnerability classification device based on vulnerability codes, characterized by comprising:
an acquisition module, configured to acquire vulnerability codes to be classified and related information of the vulnerability codes to be classified;
and the recognition module is used for carrying out recognition analysis on the vulnerability codes to be classified and the related information which are acquired by the acquisition module based on a pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes.
8. The apparatus of claim 7, wherein the identification module comprises a first determination unit, a feature extraction unit and a classification unit;
the first determining unit is configured to determine initial vector representations of the acquired vulnerability code and the related information;
the feature extraction unit is configured to perform feature extraction on the basis of the initial vector characterization determined by the first determination unit through a feature extraction network of the pre-trained neural network model to obtain feature vector characterization of the vulnerability code and the related information;
and the classification unit is used for inputting the characteristic vector representation extracted by the characteristic extraction unit into the classification network of the pre-trained neural network to obtain vulnerability classification result information of the vulnerability codes to be classified.
9. An electronic device, comprising:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more applications being configured to execute the vulnerability classification method based on vulnerability codes according to any of claims 1 to 6.
10. A computer-readable storage medium for storing computer instructions which, when executed on a computer, enable the computer to perform the vulnerability classification method based on vulnerability codes of any of the above claims 1 to 6.
CN201811550878.7A 2018-12-18 2018-12-18 Vulnerability classification method and device based on vulnerability codes and electronic equipment Active CN111338692B (en)

Publications (2)

Publication Number Publication Date
CN111338692A true CN111338692A (en) 2020-06-26
CN111338692B CN111338692B (en) 2024-04-16

Family

ID=71181417

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant