CN111338692A - Vulnerability classification method and device based on vulnerability codes and electronic equipment - Google Patents
Publication number: CN111338692A (application number CN201811550878.7A)
Authority: CN (China)
Legal status: Granted (status as listed by Google Patents; an assumption, not a legal conclusion)
Classifications
- G—PHYSICS; G06—COMPUTING; CALCULATING OR COUNTING; G06F—ELECTRIC DIGITAL DATA PROCESSING; G06F8/00—Arrangements for software engineering; G06F8/70—Software maintenance or management; G06F8/73—Program documentation
- G—PHYSICS; G06—COMPUTING; CALCULATING OR COUNTING; G06F—ELECTRIC DIGITAL DATA PROCESSING; G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity; G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems; G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities; G06F21/577—Assessing vulnerabilities and evaluating computer system security
Abstract
The application provides a vulnerability classification method and device based on vulnerability codes, and an electronic device, applied to the technical field of text classification. The method comprises the following steps: obtaining vulnerability codes to be classified and the related information of those vulnerability codes; then identifying and analyzing the obtained vulnerability codes and related information with a pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes. That is, the vulnerability codes are classified by the pre-trained neural network model on the basis of the vulnerability codes and their related information, so that classification of the vulnerability codes is automated and its efficiency is improved. In addition, even when the number of vulnerability codes is large, no additional workers are needed to classify them, so the labor cost of vulnerability code classification is reduced.
Description
Technical Field
The application relates to the technical field of text classification, in particular to a vulnerability classification method and device based on vulnerability codes and electronic equipment.
Background
In software project development, such as APP (mobile phone application) development, a large amount of code is written, and even engineers with a high professional level write code containing vulnerabilities. Classifying the vulnerabilities in the written code is therefore a key problem, since subsequent targeted processing depends on the vulnerability type of the code.
At present, vulnerability codes are classified manually: relevant workers judge and analyze the discovered vulnerability codes one by one and then determine the type of each vulnerability code from the result. With this manual classification, the type of a given vulnerability code can only be determined by workers with professional knowledge analyzing the vulnerability codes one by one, which is very inefficient. The existing manual classification of vulnerability codes therefore suffers from low classification efficiency and high labor cost.
Disclosure of Invention
The application provides a vulnerability classification method and device based on vulnerability codes and electronic equipment, which are used for improving the classification efficiency of the vulnerability codes and reducing the labor cost, and the technical scheme adopted by the application is as follows:
In a first aspect, a vulnerability classification method based on vulnerability codes is provided, the method comprising:
acquiring vulnerability codes to be classified and related information of the vulnerability codes to be classified;
and identifying and analyzing the acquired vulnerability codes to be classified and related information based on the pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes.
Further, identifying and analyzing the obtained vulnerability codes to be classified and related information based on the pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes to be classified comprises the following steps:
determining initial vector representation of the acquired vulnerability codes and related information;
extracting features through a feature extraction network of a pre-trained neural network model based on the determined initial vector characterization to obtain feature vector characterization of the vulnerability codes and related information;
and inputting the characteristic vector representation into a classification network of a pre-trained neural network to obtain vulnerability classification result information of the vulnerability codes to be classified.
Further, the related information of the vulnerability code to be classified comprises at least one of the following items: code repository information; project-related information;
wherein the code repository information comprises at least one of:
a code storage address; code version information;
and the project-related information comprises at least one of:
a file name; a file path; a project name; group information; information of the responsible person.
Further, the vulnerability classification result information includes the vulnerability types of the vulnerability codes, and the vulnerability types include at least one of the following:
a redundant repeated vulnerability; a false-alarm vulnerability; a useless code vulnerability.
Further, the method further comprises: and pushing corresponding processing suggestion information according to the vulnerability classification result information.
Further, according to the vulnerability classification result information, pushing corresponding processing suggestion information, including:
if the vulnerability type of the vulnerability code is a redundant repeated vulnerability, pushing suggestion information for deleting the redundant code and replacing it with code from the common code library;
if the vulnerability type of the vulnerability code is a false-alarm vulnerability, pushing suggestion information for adding the vulnerability code into a white list and modifying a code vulnerability detection rule;
and if the vulnerability type of the vulnerability code is a useless code vulnerability, pushing suggestion information for deleting the useless code.
In a second aspect, a vulnerability classification apparatus based on vulnerability codes is provided, the apparatus including:
an acquisition module, configured to acquire vulnerability codes to be classified and related information of the vulnerability codes to be classified;
and a recognition module, configured to perform recognition analysis on the vulnerability codes to be classified and the related information acquired by the acquisition module, based on the pre-trained neural network model, to obtain vulnerability classification result information of the vulnerability codes.
Further, the identification module comprises a first determination unit, a feature extraction unit and a classification unit;
the first determining unit is used for determining the initial vector representation of the acquired vulnerability code and the related information;
the feature extraction unit is used for extracting features through a feature extraction network of a pre-trained neural network model based on the initial vector characterization determined by the first determination unit to obtain feature vector characterization of the vulnerability code and the related information;
and the classification unit is used for inputting the feature vector representation obtained by the feature extraction unit into a classification network of the pre-trained neural network to obtain vulnerability classification result information of the vulnerability codes to be classified.
Further, the related information of the vulnerability codes to be classified comprises at least one of the following items: code repository information; project-related information;
wherein the code repository information comprises at least one of:
a code storage address; code version information;
and the project-related information comprises at least one of:
a file name; a file path; a project name; group information; information of the responsible person.
Further, the vulnerability classification result information includes the vulnerability types of the vulnerability codes, and the vulnerability types include at least one of the following:
a redundant repeated vulnerability; a false-alarm vulnerability; a useless code vulnerability.
Further, the device also comprises a pushing module;
and the pushing module is used for pushing corresponding processing suggestion information according to the vulnerability classification result information.
Further, the pushing module is used for pushing suggestion information for deleting the redundant code and replacing it with code from the common code library if the vulnerability type of the vulnerability codes is a redundant repeated vulnerability;
and/or pushing suggestion information for adding the vulnerability code into a white list and modifying a code vulnerability detection rule if the vulnerability type of the vulnerability code is a false-alarm vulnerability;
and/or pushing suggestion information for deleting the useless code if the vulnerability type of the vulnerability code is a useless code vulnerability.
In a third aspect, an electronic device is provided, which includes:
one or more processors;
a memory;
one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: and executing the vulnerability classification method based on the vulnerability codes.
In a fourth aspect, a computer-readable storage medium is provided, which is used for storing computer instructions, and when the computer instructions are executed on a computer, the computer can execute the vulnerability classification method based on vulnerability codes in the first aspect.
Compared with the prior art in which vulnerability codes are classified manually, the vulnerability classification method, the vulnerability classification device and the electronic device based on vulnerability codes acquire the vulnerability codes to be classified and their related information, then identify and analyze the acquired vulnerability codes and related information based on a pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes. That is, the vulnerability codes are classified through the pre-trained neural network model based on the vulnerability codes and their related information, so that automatic classification of the vulnerability codes is realized and classification efficiency is improved. In addition, even when the number of vulnerability codes is large, no additional workers are needed to classify them, so the labor cost of vulnerability code classification is reduced.
Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a schematic flowchart of a vulnerability classification method based on vulnerability codes according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a vulnerability classification apparatus based on vulnerability codes according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of another vulnerability classification apparatus based on vulnerability codes according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
The embodiment of the present application provides a vulnerability classification method based on vulnerability codes, as shown in fig. 1, the method includes,
step S101, acquiring vulnerability codes to be classified and related information of the vulnerability codes to be classified;
specifically, the vulnerability code to be classified and the related information thereof are obtained through a corresponding obtaining method, wherein the vulnerability code to be classified can be a vulnerability code determined by relevant testers through testing and finding project codes.
Step S102, the acquired vulnerability codes to be classified and related information are identified and analyzed based on a pre-trained neural network model, and vulnerability classification result information of the vulnerability codes is obtained.
Specifically, the acquired vulnerability codes to be classified and relevant information thereof are input into a pre-trained neural network model, and the vulnerability codes and the relevant information thereof are identified and analyzed through the pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes.
The pre-trained Neural Network model may be a model of a Neural Network based on RNN (Recurrent Neural Network) or LSTM (Long Short-Term Memory Network). The pre-trained neural network model can be obtained by training according to a plurality of vulnerability codes and relevant information thereof, and various vulnerability code types marked by manual marking or other methods.
Compared with the prior art in which vulnerability codes are classified manually, the vulnerability classification method based on vulnerability codes obtains the vulnerability classification result information of the vulnerability codes, i.e. the vulnerability codes are classified through the pre-trained neural network model based on the vulnerability codes and their related information. Automatic classification of the vulnerability codes is thus realized and classification efficiency is improved; in addition, even when the number of vulnerability codes is large, no additional workers are needed to classify them, so the labor cost of vulnerability code classification is reduced.
The embodiment of the present application provides a possible implementation manner, and specifically, step S102 includes:
step S1021 (not shown in the figure), determining an initial vector characterization of the obtained vulnerability code and related information;
Specifically, the initial vector representation of the vulnerability code and its related information may be obtained by a corresponding word embedding method, where the word embedding method may be a word embedding layer of the pre-trained neural network. The obtained vulnerability code and related information may first be preprocessed: for example, they may be segmented into words by a corresponding Western-language or Chinese text segmentation method, and stop words may then be removed from the segmented text, such as the Western-language words "a, an, and, are, the" and Chinese function words such as 的, 地 and 也.
Step S1022 (not shown in the figure), performing feature extraction based on the determined initial vector characterization through a feature extraction network of a pre-trained neural network model to obtain a feature vector characterization of the vulnerability code and the related information;
specifically, feature extraction can be performed on the determined initial vector characterization through the convolution layer of the pre-trained neural network model, so that feature vector characterization of the vulnerability code and relevant information of the vulnerability code is obtained.
Step S1023 (not shown in the figure), the feature vector representation is input to the classification network of the pre-trained neural network, and vulnerability classification result information of the vulnerability code to be classified is obtained.
Specifically, the feature vector representation is input to the classification network of the pre-trained neural network model, such as a softmax-based network layer, to obtain the vulnerability classification result information of the vulnerability code to be classified. The vulnerability classification result information may be the probability values of the respective vulnerability types for the vulnerability code, or it may be one determined vulnerability type, where that type is determined according to those probability values.
In the embodiment of the application, the initial vector representation of the vulnerability code to be classified and its related information is determined, features are extracted from the initial vector representation to obtain the feature vector representation, and the vulnerability classification result information of the vulnerability code to be classified is then determined through the classification network of the pre-trained neural network model, so that the vulnerability code to be classified is classified automatically and the vulnerability classification efficiency of vulnerability codes is improved.
The related information of the vulnerability codes to be classified comprises at least one of the following items: code repository information; project-related information;
wherein the code repository information comprises at least one of:
a code storage address; code version information;
and the project-related information comprises at least one of:
a file name; a file path; a project name; group information; information of the responsible person.
The related information of the vulnerability codes to be classified includes but is not limited to code warehouse information and project related information, wherein the code warehouse information includes but is not limited to code storage addresses and code version information, and the project related information includes but is not limited to file names, file paths, project names, group information and responsible person information.
For the embodiment of the application, the relevant information of the vulnerability codes to be classified comprises a plurality of pieces of information with different dimensions, so that a foundation is provided for obtaining more semantic information of the vulnerability codes to be classified, and the vulnerability classification accuracy of the vulnerability codes can be improved.
The vulnerability classification result information comprises the vulnerability types of the vulnerability codes, and the vulnerability types comprise at least one of the following items:
a redundant repeated vulnerability; a false-alarm vulnerability; a useless code vulnerability.
The vulnerability classification result information includes but is not limited to the vulnerability types of the vulnerability codes, wherein the vulnerability types include but are not limited to redundant repeated vulnerabilities, false-alarm vulnerabilities and useless code vulnerabilities.
For the embodiment of the application, the vulnerability types of the vulnerability codes are various, and the fine classification of the vulnerability codes provides a basis for correspondingly processing the vulnerability codes in a subsequent pertinence manner, so that the code quality is improved.
The embodiment of the present application provides a possible implementation manner, and further, the method further includes:
step S103 (not shown in the figure), pushing corresponding processing suggestion information according to the vulnerability classification result information.
Specifically, the corresponding processing suggestion information may be pushed respectively according to the difference of the vulnerability classification result information.
According to the embodiment of the application, corresponding processing suggestion information is respectively pushed according to different vulnerability classification result information, so that the targeted processing of different vulnerability types is realized, and the efficiency of solving the vulnerability problem of corresponding vulnerability codes is improved.
The embodiment of the present application provides a possible implementation manner, and specifically, step S103 includes:
step S1031 (not shown in the figure), if the vulnerability type of the vulnerability code is a redundant repeated vulnerability, pushing suggestion information for deleting the redundant code and replacing it with code from the common code library;
step S1032 (not shown in the figure), if the vulnerability type of the vulnerability code is a false-alarm vulnerability, pushing suggestion information for adding the vulnerability code into a white list and modifying a code vulnerability detection rule;
step S1033 (not shown in the figure), if the vulnerability type of the vulnerability code is a useless code vulnerability, pushing suggestion information for deleting the useless code.
For the embodiment of the application, if the vulnerability type of the vulnerability code is a redundant repeated vulnerability, suggestion information for deleting the redundant code and replacing it with code from the common code library is pushed, so that the redundancy rate of the project code can be reduced; if the vulnerability type is a false-alarm vulnerability, suggestion information for adding the vulnerability code into a white list and modifying the code vulnerability detection rule is pushed, so that the corresponding code is not detected as vulnerability code again; if the vulnerability type is a useless code vulnerability, suggestion information for deleting the useless code is pushed, so that the storage space occupied by the project code can be reduced.
For the embodiment of the application, the corresponding suggestion information is respectively pushed according to different vulnerability types, so that the efficiency of solving the vulnerability problem of the corresponding vulnerability code can be improved.
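The pipeline of steps S1021 to S1023 followed by the suggestion pushing of steps S1031 to S1033, as an added worked example in pure Python that is not the patent's own code: tokenization and stop-word removal (S1021), a one-dimensional convolution with max pooling standing in for the feature extraction network (S1022), a softmax layer giving per-type probabilities (S1023), and the mapping from classification result information to processing suggestion information (S103). The model weights are seeded random stand-ins for a trained model, so the probabilities illustrate the data flow only; the type names, the character-level handling of Chinese text, the sample input and the confidence floor that routes low-confidence results to manual review are assumptions of this example.

```python
import math
import random
import re

# Vulnerability types from steps S1031-S1033 (the names are this example's own) and the
# processing suggestion the patent pushes for each type.
TYPES = ["redundant_repeated", "false_alarm", "useless_code"]
SUGGESTIONS = {
    "redundant_repeated": "delete the redundant code and replace it with code from the common code library",
    "false_alarm": "add the code to the white list and modify the code vulnerability detection rule",
    "useless_code": "delete the useless code",
}

# Stop words dropped before embedding (S1021): the Western words listed in the patent plus
# the Chinese particles it describes.
STOP_WORDS = {"a", "an", "and", "are", "the", "的", "地", "也"}

def tokenize(text):
    """Split code or metadata into identifiers, numbers and single CJK characters
    (an assumed stand-in for the patent's Western/Chinese word segmentation)."""
    return [t.lower() for t in re.findall(r"[A-Za-z_][A-Za-z0-9_]*|\d+|[\u4e00-\u9fff]", text)]

def preprocess(code, info):
    """S1021: join the vulnerability code with its repository/project information as
    'field value' text, tokenize, and drop stop words."""
    fields = [code] + [f"{key} {value}" for key, value in info.items()]
    tokens = []
    for field in fields:
        tokens.extend(t for t in tokenize(field) if t not in STOP_WORDS)
    return tokens

class TinyCnnClassifier:
    """Word embedding -> 1-D convolution + max pooling (S1022) -> softmax (S1023).
    Weights are seeded random stand-ins for a trained model (assumption of this example)."""

    def __init__(self, vocab, dim=8, filters=6, width=3, seed=0):
        rng = random.Random(seed)
        self.index = {w: i + 1 for i, w in enumerate(sorted(vocab))}  # index 0 = unknown token
        self.dim, self.width = dim, width
        def rand_vec(n): return [rng.uniform(-1.0, 1.0) for _ in range(n)]
        self.embed = [rand_vec(dim) for _ in range(len(self.index) + 1)]
        self.conv = [[rand_vec(dim) for _ in range(width)] for _ in range(filters)]
        self.dense = [rand_vec(filters) for _ in TYPES]

    def initial_vectors(self, tokens):
        """Embedding layer: one vector per token; unknown tokens share index 0."""
        return [self.embed[self.index.get(t, 0)] for t in tokens]

    def features(self, vectors):
        """Convolution layer: slide each filter over the token vectors, keep its max response."""
        if len(vectors) < self.width:  # pad short inputs with zero vectors
            vectors = vectors + [[0.0] * self.dim] * (self.width - len(vectors))
        feats = []
        for filt in self.conv:
            best = -math.inf
            for start in range(len(vectors) - self.width + 1):
                s = sum(filt[k][d] * vectors[start + k][d]
                        for k in range(self.width) for d in range(self.dim))
                best = max(best, math.tanh(s))
            feats.append(best)
        return feats

    def probabilities(self, tokens):
        """Classification network: dense layer over the features, then softmax over TYPES."""
        feats = self.features(self.initial_vectors(tokens))
        logits = [sum(w * f for w, f in zip(row, feats)) for row in self.dense]
        shift = max(logits)  # subtract the max so exp() cannot overflow
        exps = [math.exp(l - shift) for l in logits]
        total = sum(exps)
        return {t: e / total for t, e in zip(TYPES, exps)}

def push_suggestion(result, min_confidence=0.5):
    """S103: map classification result information to processing suggestion information.
    `result` is either a determined type name or the per-type probability dict (both forms
    named in S1023). The confidence floor is this example's addition, not the patent's."""
    if isinstance(result, str):
        vtype, confidence = result, 1.0
    else:
        vtype, confidence = max(result.items(), key=lambda kv: kv[1])
    if vtype not in SUGGESTIONS:
        raise ValueError(f"unknown vulnerability type: {vtype}")
    if confidence < min_confidence:
        return {"type": vtype, "confidence": confidence, "suggestion": "route to manual review"}
    return {"type": vtype, "confidence": confidence, "suggestion": SUGGESTIONS[vtype]}

def classify_and_suggest(code, info, classifier):
    """Steps S101-S103 end to end for one vulnerability code and its related information."""
    probs = classifier.probabilities(preprocess(code, info))
    return push_suggestion(probs)

if __name__ == "__main__":
    # Constructed sample: a flagged snippet plus related-information fields from the patent.
    sample_code = "def parse(a):\n    return a and the_config  # duplicated helper"
    sample_info = {"file_path": "src/util/parse.py", "project_name": "demo", "responsible": "张三"}
    clf = TinyCnnClassifier(vocab=preprocess(sample_code, sample_info))
    print(classify_and_suggest(sample_code, sample_info, clf))
```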
Fig. 2 is a vulnerability classification apparatus based on vulnerability codes according to an embodiment of the present application, where the apparatus 20 includes: an acquisition module 201 and an identification module 202;
an obtaining module 201, configured to obtain a vulnerability code to be classified and related information of the vulnerability code to be classified;
an identifying module 202, configured to perform identification analysis on the vulnerability code to be classified and the related information obtained by the obtaining module, based on the pre-trained neural network model, to obtain vulnerability classification result information of the vulnerability code.
The embodiment of the application provides a vulnerability classification device based on vulnerability codes. Compared with the prior art in which vulnerability codes are classified manually, the device obtains the vulnerability codes to be classified and their related information, then identifies and analyzes the obtained vulnerability codes and related information based on a pre-trained neural network model to obtain the vulnerability classification result information of the vulnerability codes; that is, the vulnerability codes are classified through the pre-trained neural network model based on the vulnerability codes and their related information. Automatic classification of the vulnerability codes is thus realized and classification efficiency is improved; in addition, even when the number of vulnerability codes is large, no additional workers are needed to classify them, so the labor cost of vulnerability code classification is reduced.
The vulnerability classification device based on the vulnerability codes can execute the vulnerability classification method based on the vulnerability codes provided in the embodiments of the present application, and the implementation principles are similar, and are not described herein again.
An embodiment of the present application provides another vulnerability classification apparatus based on vulnerability codes, as shown in fig. 3, the apparatus 30 of the present embodiment includes: an acquisition module 301 and an identification module 302;
an obtaining module 301, configured to obtain a vulnerability code to be classified and related information of the vulnerability code to be classified;
the acquiring module 301 in fig. 3 has the same or similar function as the acquiring module 201 in fig. 2.
The identifying module 302 is configured to identify and analyze the vulnerability codes to be classified and the related information acquired by the acquiring module based on the pre-trained neural network model to obtain vulnerability classification result information of the vulnerability codes.
Wherein the identification module 302 of fig. 3 has the same or similar function as the identification module 202 of fig. 2.
The embodiments of the present application provide a possible implementation manner, and in particular,
the recognition module 302 includes a first determination unit 3021, a feature extraction unit 3022, and a classification unit 3023;
a first determining unit 3021, configured to determine an initial vector representation of the obtained vulnerability code and related information;
the feature extraction unit 3022 is configured to perform feature extraction on the basis of the initial vector characterization determined by the first determination unit 3021 through a feature extraction network of a pre-trained neural network model to obtain a feature vector characterization of the vulnerability code and related information;
and the classification unit 3023 is configured to input the feature vector representation extracted by the feature extraction unit 3022 into a classification network of a pre-trained neural network to obtain vulnerability classification result information of the vulnerability code to be classified.
In this embodiment the vulnerability code to be classified is classified automatically: an initial vector representation of the vulnerability code and its related information is determined, features are extracted from that representation to obtain a feature vector representation, and the classification network of the pre-trained neural network model then determines the vulnerability classification result information. No manual classification step is needed, which improves the efficiency of classifying vulnerability codes.
The related information of the vulnerability code to be classified comprises at least one of the following: code repository information; project-related information.
The code repository information comprises at least one of the following: a code storage address; code version information.
The project-related information comprises at least one of the following: a file name; a file path; a project name; group information; responsible-person information.
In this embodiment the related information of the vulnerability code to be classified comprises several pieces of information of different dimensions (where the code is stored, which version, which file, project, group and owner), which provides a basis for obtaining more semantic information about the vulnerability code to be classified and can improve the accuracy of its vulnerability classification.
The vulnerability classification result information comprises the vulnerability type of the vulnerability code, and the vulnerability type comprises at least one of the following:
a redundant duplicate vulnerability (the same flawed code repeated where a common code base implementation exists); a false-positive vulnerability (reported by a detection rule but not an actual defect); a useless-code vulnerability (flagged code that is not used).
In this embodiment vulnerability codes are of several types, and this fine-grained classification provides the basis for subsequently handling each vulnerability code in a targeted manner, which improves code quality.
In one possible implementation provided by the embodiments of the present application, the apparatus further includes a pushing module 303.
The pushing module 303 is configured to push corresponding processing suggestion information according to the vulnerability classification result information.
Specifically, the pushing module 303 is configured to: if the vulnerability type of the vulnerability code is a redundant duplicate vulnerability, push suggestion information to delete the redundant code and replace it with code from the common code base;
and/or, if the vulnerability type of the vulnerability code is a false-positive vulnerability, push suggestion information to add the vulnerability code to a whitelist and modify the code vulnerability detection rule;
and/or, if the vulnerability type of the vulnerability code is a useless-code vulnerability, push suggestion information to delete the useless code.
In this embodiment different processing suggestion information is pushed for different vulnerability classification results, so that each vulnerability type is handled in a targeted manner and the vulnerability in the corresponding vulnerability code is resolved more efficiently.
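The pipeline described above (acquire the vulnerability code and its related information, determine an initial vector representation, extract features and classify, then push a per-type suggestion), as an added example that is not the patent's or the applicant's code. Feature hashing builds the initial vector from the code tokens and from each related-information field; a small multinomial logistic regression fitted on six constructed findings stands in for the pre-trained neural network (the patent's separate feature-extraction and classification networks are collapsed into one linear layer); the predicted type is mapped to the suggestion of claim 6. Every field name, label string, rule id, path and sample finding is an assumption made for this example.

```python
# Added example, not code from the patent or its applicant: a feature-hashed initial
# vector, a linear softmax classifier fitted on constructed findings in place of the
# pre-trained neural network, and the per-type suggestion.  All names are made up.
import hashlib
import math
import re
import zlib

DIM = 1024                                             # hashed vector width
LABELS = ["duplicate", "false_positive", "dead_code"]  # the three types of claim 4
INFO_FIELDS = ("repo_url", "version", "file_path", "project", "group", "owner")

def tokens(text):
    """Split code or metadata into identifiers, numbers and punctuation."""
    return re.findall(r"[A-Za-z_][A-Za-z0-9_]*|\d+|[^\sA-Za-z0-9_]", text)

def initial_vector(finding):
    """Initial vector representation: each token hashed into a slot namespaced by its
    field ('user' in a path and 'user' in code stay apart), then L2-normalised."""
    vec = [0.0] * DIM
    fields = [("code", tokens(finding["code"]))]
    fields += [(f, tokens(finding.get(f, ""))) for f in INFO_FIELDS]
    for field, toks in fields:
        for tok in toks:
            vec[zlib.crc32(f"{field}={tok}".encode()) % DIM] += 1.0
    norm = math.sqrt(sum(v * v for v in vec)) or 1.0
    return [v / norm for v in vec]

def probabilities(model, x):
    """Softmax over the linear score of each vulnerability type."""
    w, b = model
    scores = [sum(wi * xi for wi, xi in zip(w[k], x)) + b[k] for k in range(len(LABELS))]
    exps = [math.exp(s - max(scores)) for s in scores]
    return [e / sum(exps) for e in exps]

def train(samples, epochs=100, lr=0.5):
    """Multinomial logistic regression by SGD: one linear layer standing in for the
    patent's feature-extraction and classification networks (vector in, type out)."""
    w, b = [[0.0] * DIM for _ in LABELS], [0.0] * len(LABELS)
    data = [(initial_vector(f), LABELS.index(y)) for f, y in samples]
    for _ in range(epochs):
        for x, y in data:
            p = probabilities((w, b), x)
            nonzero = [j for j, xj in enumerate(x) if xj]
            for k in range(len(LABELS)):
                g = p[k] - (1.0 if k == y else 0.0)  # cross-entropy gradient on the score
                b[k] -= lr * g
                for j in nonzero:
                    w[k][j] -= lr * g * x[j]
    return w, b

def classify(model, finding):
    """Return (vulnerability type, confidence) for one finding."""
    p = probabilities(model, initial_vector(finding))
    k = max(range(len(LABELS)), key=p.__getitem__)
    return LABELS[k], p[k]

def fingerprint(finding):
    """Whitelist identity bound to repo, path, version and the code's token stream,
    so a suppression lapses as soon as the flagged code changes."""
    parts = [finding.get(f, "") for f in ("repo_url", "file_path", "version")]
    parts.append(" ".join(tokens(finding["code"])))
    return hashlib.sha256("\0".join(parts).encode()).hexdigest()[:16]

def suggestion(finding, vuln_type):
    """Per-type processing suggestion (claim 6); the false-positive branch scopes the
    whitelist entry by fingerprint and only proposes, never applies, the rule change."""
    if vuln_type == "duplicate":
        return {"action": "delete_redundant_code", "replace_with": "common code base"}
    if vuln_type == "false_positive":
        return {"action": "whitelist_and_review_rule", "rule": finding.get("rule"),
                "whitelist_entry": fingerprint(finding),
                "rule_change": "proposed, requires reviewer sign-off"}
    if vuln_type == "dead_code":
        return {"action": "delete_useless_code", "file_path": finding.get("file_path")}
    raise ValueError(f"unknown vulnerability type {vuln_type!r}")

def make_finding(code, path, group, owner, rule, version="1.0.0"):
    project = path.split("/")[1]                       # src/pay/utils.py -> pay
    return {"code": code, "repo_url": f"git.example/{project}", "version": version,
            "file_path": path, "project": project, "group": group, "owner": owner, "rule": rule}

MD5 = "def md5sum(s):\n    return hashlib.md5(s.encode()).hexdigest()"
TRAINING = [(make_finding(*row[:5]), row[5]) for row in [   # constructed, two per type
    (MD5, "src/pay/utils.py", "payments", "alice", "weak-hash", "duplicate"),
    ("def md5sum(d):\n    return hashlib.md5(d).hexdigest()", "src/order/helpers.py", "commerce", "bob", "weak-hash", "duplicate"),
    ("db_password = os.environ['DB_PASSWORD']", "src/pay/config.py", "payments", "alice", "hardcoded-secret", "false_positive"),
    ("api_token = settings.get('API_TOKEN')", "src/order/config.py", "commerce", "bob", "hardcoded-secret", "false_positive"),
    ("if False:\n    legacy_export(eval(cmd))", "src/report/legacy.py", "legacy", "carol", "eval-use", "dead_code"),
    ("def dump(p):  # unreachable\n    os.system('cat ' + p)", "src/report/old.py", "legacy", "carol", "command-injection", "dead_code"),
]]
NEW = make_finding(MD5, "src/ship/crypto_util.py", "logistics", "dave", "weak-hash", "3.0.1")

def run_demo():
    model = train(TRAINING)
    accuracy = sum(classify(model, f)[0] == y for f, y in TRAINING) / len(TRAINING)
    vuln_type, confidence = classify(model, NEW)
    return accuracy, vuln_type, confidence, suggestion(NEW, vuln_type)
```

`run_demo()` fits the stand-in model, classifies the unseen `NEW` finding (the same copied `md5sum` helper in a project the model never saw) and returns the training accuracy, the predicted type, its confidence and the pushed suggestion. The false-positive branch is where a practitioner should be careful: a whitelist entry keyed on the path alone keeps suppressing the rule after the code at that path changes, so the example keys the entry on a fingerprint of repository, path, version and the code's token stream, and it only proposes the detection-rule change instead of applying it.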
The embodiments of the present application provide a vulnerability classification apparatus based on vulnerability codes. Compared with the prior art, in which vulnerability codes are classified manually, the apparatus acquires the vulnerability code to be classified together with its related information and identifies and analyzes them based on a pre-trained neural network model to obtain the vulnerability classification result information; that is, the vulnerability code is classified by the pre-trained neural network model on the basis of the vulnerability code and its related information. This automates the classification of vulnerability codes and improves its efficiency; moreover, even when the number of vulnerability codes is large, no additional staff are needed to classify them, which reduces the labor cost of vulnerability code classification.
The vulnerability classification device based on the vulnerability codes can execute the vulnerability classification method based on the vulnerability codes provided in the embodiments of the present application, and the implementation principles are similar, and are not described herein again.
An embodiment of the present application provides an electronic device. As shown in fig. 4, the electronic device 40 includes a processor 4001 and a memory 4003. The processor 4001 is coupled to the memory 4003, for example via a bus 4002. The electronic device 40 may further include a transceiver 4004. In practical applications the number of transceivers 4004 is not limited to one, and the structure of the electronic device 40 does not limit the embodiments of the present application.
The processor 4001 is used in the embodiments of the present application to implement the functions of the acquisition module and the identification module shown in fig. 2 or fig. 3, and the function of the pushing module shown in fig. 3. The transceiver 4004 includes a receiver and a transmitter.
The memory 4003 is used to store the application code that executes the scheme of the present application, and its execution is controlled by the processor 4001. The processor 4001 is configured to execute the application code stored in the memory 4003 to implement the functions of the vulnerability classification apparatus based on vulnerability codes provided by the embodiment shown in fig. 2 or fig. 3.
The embodiments of the present application provide an electronic device suitable for the method embodiments; it is not described in detail again here.
The electronic device provided by the embodiments of the present application, compared with the prior art in which vulnerability codes are classified manually, acquires the vulnerability code to be classified and its related information and identifies and analyzes them based on a pre-trained neural network model to obtain the vulnerability classification result information; that is, the vulnerability code is classified by the pre-trained neural network model on the basis of the vulnerability code and its related information. This automates the classification of vulnerability codes, improves its efficiency and, even when the number of vulnerability codes is large, avoids adding staff to classify them, which reduces the labor cost of vulnerability code classification.
The present application provides a computer-readable storage medium on which a computer program is stored; when the program is executed by a processor, the method shown in the above embodiments is implemented.
The computer-readable storage medium provided by the embodiments of the present application, compared with the prior art in which vulnerability codes are classified manually, obtains the vulnerability classification result information of a vulnerability code by the vulnerability classification method based on vulnerability codes; that is, the vulnerability code is classified by the pre-trained neural network model on the basis of the vulnerability code and its related information. This automates the classification of vulnerability codes, improves its efficiency and, even when the number of vulnerability codes is large, avoids adding staff to classify them, which reduces the labor cost of vulnerability code classification.
The embodiments of the present application provide a computer-readable storage medium suitable for the method embodiments; it is not described in detail again here.
It should be understood that, although the steps in the flowcharts of the figures are shown in the order indicated by the arrows, they are not necessarily performed in that order. Unless explicitly stated herein, the steps are not restricted to the order shown and may be performed in other orders. Moreover, at least some of the steps in the flowcharts may include several sub-steps or stages, which are not necessarily performed at the same time but may be performed at different times, and not necessarily in sequence: they may be performed in turn or alternately with other steps or with at least some of the sub-steps or stages of other steps.
The foregoing is only a part of the embodiments of the present application. It should be noted that those skilled in the art can make various modifications and improvements without departing from the principle of the present application, and such modifications and improvements should also be regarded as falling within the protection scope of the present application.
Claims (10)
1. A vulnerability classification method based on vulnerability codes, characterized by comprising:
acquiring a vulnerability code to be classified and related information of the vulnerability code to be classified; and
identifying and analyzing the acquired vulnerability code to be classified and the related information based on a pre-trained neural network model, to obtain vulnerability classification result information of the vulnerability code.
2. The method according to claim 1, wherein identifying and analyzing the acquired vulnerability code to be classified and the related information based on the pre-trained neural network model to obtain vulnerability classification result information of the vulnerability code to be classified comprises:
determining an initial vector representation of the acquired vulnerability code and the related information;
performing feature extraction on the determined initial vector representation through a feature extraction network of the pre-trained neural network model, to obtain a feature vector representation of the vulnerability code and the related information; and
inputting the feature vector representation into a classification network of the pre-trained neural network model, to obtain vulnerability classification result information of the vulnerability code to be classified.
3. The method of claim 1, wherein the related information of the vulnerability code to be classified comprises at least one of: code repository information; project-related information;
wherein the code repository information comprises at least one of: a code storage address; code version information;
and the project-related information comprises at least one of: a file name; a file path; a project name; group information; responsible-person information.
4. The method of claim 1, wherein the vulnerability classification result information comprises the vulnerability type of the vulnerability code, and the vulnerability type comprises at least one of:
a redundant duplicate vulnerability; a false-positive vulnerability; a useless-code vulnerability.
5. The method according to any one of claims 1-4, characterized in that the method further comprises:
pushing corresponding processing suggestion information according to the vulnerability classification result information.
6. The method according to claim 5, wherein pushing corresponding processing suggestion information according to the vulnerability classification result information comprises:
if the vulnerability type of the vulnerability code is a redundant duplicate vulnerability, pushing suggestion information to delete the redundant code and replace it with code from the common code base;
if the vulnerability type of the vulnerability code is a false-positive vulnerability, pushing suggestion information to add the vulnerability code to a whitelist and modify the code vulnerability detection rule; and
if the vulnerability type of the vulnerability code is a useless-code vulnerability, pushing suggestion information to delete the useless code.
7. A vulnerability classification apparatus based on vulnerability codes, characterized by comprising:
an acquisition module, configured to acquire a vulnerability code to be classified and related information of the vulnerability code to be classified; and
an identification module, configured to identify and analyze the vulnerability code to be classified and the related information acquired by the acquisition module, based on a pre-trained neural network model, to obtain vulnerability classification result information of the vulnerability code.
8. The apparatus of claim 7, wherein the identification module comprises a first determination unit, a feature extraction unit and a classification unit;
the first determination unit is configured to determine an initial vector representation of the acquired vulnerability code and the related information;
the feature extraction unit is configured to perform feature extraction on the initial vector representation determined by the first determination unit, through a feature extraction network of the pre-trained neural network model, to obtain a feature vector representation of the vulnerability code and the related information; and
the classification unit is configured to input the feature vector representation extracted by the feature extraction unit into a classification network of the pre-trained neural network model, to obtain vulnerability classification result information of the vulnerability code to be classified.
9. An electronic device, comprising:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more applications being configured to execute the vulnerability classification method based on vulnerability codes according to any one of claims 1 to 6.
10. A computer-readable storage medium storing computer instructions which, when executed on a computer, enable the computer to perform the vulnerability classification method based on vulnerability codes according to any one of claims 1 to 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811550878.7A CN111338692B (en) | 2018-12-18 | 2018-12-18 | Vulnerability classification method and device based on vulnerability codes and electronic equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111338692A true CN111338692A (en) | 2020-06-26 |
CN111338692B CN111338692B (en) | 2024-04-16 |
Family
ID=71181417
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811550878.7A Active CN111338692B (en) | 2018-12-18 | 2018-12-18 | Vulnerability classification method and device based on vulnerability codes and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111338692B (en) |
2018-12-18: CN201811550878.7A filed in China; granted as CN111338692B (status: active).
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017181286A1 (en) * | 2016-04-22 | 2017-10-26 | Lin Tan | Method for determining defects and vulnerabilities in software code |
US20180075348A1 (en) * | 2016-09-09 | 2018-03-15 | Cylance Inc. | Machine learning model for analysis of instruction sequences |
US20180276562A1 (en) * | 2017-03-24 | 2018-09-27 | Microsoft Technology Licensing, Llc | Bug categorization and team boundary inference via automated bug detection |
US20180285740A1 (en) * | 2017-04-03 | 2018-10-04 | Royal Bank Of Canada | Systems and methods for malicious code detection |
CN107885999A (en) * | 2017-11-08 | 2018-04-06 | 华中科技大学 | A vulnerability detection method and system based on deep learning |
CN108376220A (en) * | 2018-02-01 | 2018-08-07 | 东巽科技(北京)有限公司 | A malicious sample program classification method and system based on deep learning |
CN108509958A (en) * | 2018-03-30 | 2018-09-07 | 北京金山安全软件有限公司 | Defect type detection method, defect type detection device, electronic equipment and medium |
CN108549817A (en) * | 2018-04-19 | 2018-09-18 | 北京理工大学 | A software security vulnerability prediction method based on deep learning over text |
CN108763928A (en) * | 2018-05-03 | 2018-11-06 | 北京邮电大学 | An open-source software vulnerability analysis method, apparatus and storage medium |
CN108763931A (en) * | 2018-05-28 | 2018-11-06 | 上海交通大学 | Vulnerability detection method based on Bi-LSTM and text similarity |
Non-Patent Citations (7)
Title |
---|
WOLFSHADOW: "A Deep Learning-Based System for Vulnerability Detection (Part 2)", pages 1-4, retrieved from the Internet <URL:https://www.cnblogs.com/TomDwan/p/9937032.html> * |
XIAN ZHANG et al.: "Cross-Entropy: A New Metric for Software Defect Prediction", 2018 IEEE International Conference on Software Quality, Reliability and Security (QRS), 6 August 2018, pages 111-122 * |
LIU Liu (刘浏): "Research on machine-learning-based malicious code detection and classification techniques", China Doctoral Dissertations Full-text Database (Information Science and Technology), no. 02, 15 February 2020, pages 138-18 * |
SUN Hongyu et al. (孙鸿宇等): "Applications of artificial intelligence techniques in the field of security vulnerabilities", Journal on Communications (通信学报), no. 08, 31 August 2018, pages 1-17 * |
ZHANG Liyong (张立勇): "Research on security analysis of software source code", China Doctoral Dissertations Full-text Database (Information Science and Technology), no. 12, 15 December 2011, pages 138-11 * |
LI Nan (李楠): "Research and implementation of an IPv6-based intrusion detection system", China Master's Theses Full-text Database (Information Science and Technology), no. 08, 15 August 2006, pages 139-95 * |
GUO Minjie (郭敏洁): "Research and implementation of a vulnerability scanning system for wireless sensor networks", China Master's Theses Full-text Database (Information Science and Technology), no. 04, 15 April 2018, pages 140-233 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112115476A (en) * | 2020-08-06 | 2020-12-22 | 扬州大学 | LSTM-based vulnerability automatic classification method, system and computer equipment |
CN112115476B (en) * | 2020-08-06 | 2023-10-24 | 扬州大学 | Automatic vulnerability classification method, system and computer equipment based on LSTM |
CN111967021A (en) * | 2020-08-27 | 2020-11-20 | 山东英信计算机技术有限公司 | Vulnerability processing method, device and equipment and computer readable storage medium |
CN111967021B (en) * | 2020-08-27 | 2022-06-03 | 山东英信计算机技术有限公司 | Vulnerability processing method, device and equipment and computer readable storage medium |
CN112733137A (en) * | 2020-12-24 | 2021-04-30 | 哈尔滨工业大学 | Binary code similarity analysis method for vulnerability detection |
CN112988447A (en) * | 2021-05-20 | 2021-06-18 | 全时云商务服务股份有限公司 | Method, system and readable storage medium for automatically correcting vulnerability information |
CN113343248A (en) * | 2021-07-19 | 2021-09-03 | 北京有竹居网络技术有限公司 | Vulnerability identification method, device, equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN111338692B (en) | 2024-04-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111338692B (en) | Vulnerability classification method and device based on vulnerability codes and electronic equipment | |
CN106778241B (en) | Malicious file identification method and device | |
CN107423278B (en) | Evaluation element identification method, device and system | |
CN108985057B (en) | Webshell detection method and related equipment | |
CN111368289B (en) | Malicious software detection method and device | |
CN109711163B (en) | Android malicious software detection method based on API (application program interface) calling sequence | |
CN111262730B (en) | Method and device for processing alarm information | |
CN113778864A (en) | Test case generation method and device, electronic equipment and storage medium | |
CN114461534A (en) | Software performance testing method and system, electronic equipment and readable storage medium | |
CN113205130B (en) | Data auditing method and device, electronic equipment and storage medium | |
CN112257757A (en) | Malicious sample detection method and system based on deep learning | |
CN112116018A (en) | Sample classification method, apparatus, computer device, medium, and program product | |
CN111523322A (en) | Requirement document quality evaluation model training method and requirement document quality evaluation method | |
CN108829590B (en) | Software testing method, device and system | |
CN110598115A (en) | Sensitive webpage identification method and system based on artificial intelligence multi-engine | |
CN113836297B (en) | Training method and device for text emotion analysis model | |
CN114706766A (en) | False alarm elimination method and device of security function, electronic equipment and storage medium | |
CN107305540B (en) | Address segmentation recognition method | |
CN115080745A (en) | Multi-scene text classification method, device, equipment and medium based on artificial intelligence | |
CN114254588A (en) | Data tag processing method and device | |
CN111339776B (en) | Resume parsing method and device, electronic equipment and computer-readable storage medium | |
CN114090650A (en) | Sample data identification method and device, electronic equipment and storage medium | |
CN113688240A (en) | Threat element extraction method, device, equipment and storage medium | |
CN108875770B (en) | Pedestrian detection false alarm data labeling method, device, system and storage medium | |
CN114884686B (en) | PHP threat identification method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||