CN108108622B - Vulnerability detection system based on deep convolutional network and control flow graph - Google Patents
Vulnerability detection system based on deep convolutional network and control flow graph Download PDFInfo
- Publication number
- CN108108622B CN108108622B CN201711325630.6A CN201711325630A CN108108622B CN 108108622 B CN108108622 B CN 108108622B CN 201711325630 A CN201711325630 A CN 201711325630A CN 108108622 B CN108108622 B CN 108108622B
- Authority
- CN
- China
- Prior art keywords
- neural network
- code
- vulnerability
- control flow
- flow graph
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/53—Decompilation; Disassembly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
- G06N3/084—Backpropagation, e.g. using gradient descent
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Evolutionary Computation (AREA)
- Molecular Biology (AREA)
- Data Mining & Analysis (AREA)
- Computational Linguistics (AREA)
- Biophysics (AREA)
- Mathematical Physics (AREA)
- Biomedical Technology (AREA)
- Artificial Intelligence (AREA)
- Life Sciences & Earth Sciences (AREA)
- Health & Medical Sciences (AREA)
- Image Analysis (AREA)
Abstract
A vulnerability detection system based on a deep convolutional network and a control flow graph comprises: a preprocessing module, a training module, and a prediction module, wherein: the method comprises the following steps that a preprocessing module reads target codes in a vulnerability code base, generates a control flow graph and then converts the control flow graph into a two-dimensional vector, and a feature learning module extracts and trains features from the two-dimensional vector by using a deep convolutional network; according to the method, a large number of vulnerability samples are analyzed, a characteristic model of the vulnerability is obtained in a deep learning mode, an unknown vulnerability is found by the model, and meanwhile similarity comparison is carried out on a code to be detected and a code of a known vulnerability, so that an approximate vulnerability code is found. By means of artificial intelligence, the difficulty of vulnerability mining can be reduced, vulnerability characteristics are found by a machine, codes without vulnerabilities are screened out, and the efficiency of security engineers is improved.
Description
Technical Field
The invention relates to a technology in the field of image processing, in particular to a technology for converting codes into a control flow graph, recoding the control flow graph into an image and extracting code vulnerability characteristics through deep learning of the image.
Background
The vulnerability refers to some functional or security logic defects existing in the system, including all factors causing threats and damaging the security of the computer system, and is defects and insufficiencies existing in the specific implementation of hardware, software and protocol or system security policies of the computer system. The current commonly used vulnerability mining techniques include: manual detection, Fuzz technique, binary comparison, static analysis, and dynamic analysis. Under a real engineering environment, vulnerability mining is guided by human judgment and is combined with the common technologies, so the efficiency of vulnerability mining mainly depends on the capability of a safety engineer. By means of artificial intelligence, the difficulty of vulnerability mining can be reduced, vulnerability characteristics are found by a machine, codes without vulnerabilities are screened out, and the efficiency of engineers is improved.
Disclosure of Invention
Aiming at the defects and shortcomings of the prior art, the invention provides a vulnerability detection system based on a deep convolutional network and a control flow graph, codes are converted into the control flow graph, the control flow graph is recoded into an image, and a deep learning model is used for feature learning of the image, so that the image features of the vulnerability are obtained. The specific method comprises the following steps: the source code is first converted to assembly language and the binary code is disassembled into assembly code. And generating a control flow graph of the assembly code, and coding the control flow graph so as to convert the control flow graph into a vector. These vectors are combined to become a two-dimensional vector, which corresponds to a composite image. The invention discovers vulnerabilities in two ways. One method is to analyze a large number of vulnerability samples, obtain a characteristic model of the vulnerability in a deep learning mode, and find unknown vulnerabilities by using the model; and the other method is to compare the similarity of the code to be detected with the code of the known bug to find out the approximate bug code.
The invention is realized by the following technical scheme:
the invention relates to a vulnerability detection system based on a deep convolutional network and a control flow graph, which comprises the following steps: a preprocessing module, a training module, and a prediction module, wherein: the preprocessing module reads in target codes in a vulnerability code base and generates a control flow graph and then converts the target codes into two-dimensional vectors, the feature learning module applies a deep convolutional network to carry out feature extraction and training from the two-dimensional vectors, and the training module comprises: the convolutional neural network unit is used for carrying out feature extraction on the two-dimensional vector by using a deep convolutional network and training to obtain a neural network parameter for identifying the vulnerability feature; the BP neural network unit performs similarity analysis on the target code and the vulnerability code by using a BP neural network and trains to obtain neural network parameters for judging code similarity, the prediction module performs prediction work on the target code, judges whether the vulnerability is included according to the parameters obtained by the training module, and generates a vulnerability report for the code judged to have the vulnerability.
When the object code is a binary code, the preprocessing module firstly performs disassembly operation to obtain an assembly code; and generating a control flow graph according to the assembly code, mapping each node of the control flow graph to a vector, and combining to obtain the control flow graph.
The vulnerability code base is a vulnerability code collected from the CVE database.
The preprocessing module comprises: the control flow graph generation device comprises a compiler for compiling codes into assembly codes, a control flow graph generation unit for converting the assembly codes into the control flow graphs through an open source tool, and an encoding unit for encoding each node of the control flow graphs into vectors and combining the vectors into a two-dimensional vector.
The training module comprises: the convolutional neural network unit, the parameter adjustment unit of convolutional neural network, BP neural network unit and the parameter adjustment unit of BP neural network unit, wherein: the convolutional neural network unit is connected with the preprocessing module, receives the two-dimensional vector, performs feature extraction and trains to obtain neural network parameters for identifying vulnerability features, the parameter adjusting unit of the convolutional neural network is connected with the convolutional neural network unit and transmits the adjusted neural network parameters, the BP neural network unit is connected with the preprocessing module, receives the two-dimensional vector, performs similarity analysis and trains to obtain neural network parameters for judging code similarity, and the parameter adjusting unit of the BP neural network unit is connected with the BP neural network unit and transmits the adjusted neural network parameters.
Technical effects
Compared with the prior art, the method is based on deep learning, the code is automatically detected, and potential bugs in the code are found. The method and the device can be used for judging whether the codes contain the bugs or not by machines instead of the traditional manual detection, and can save a large amount of labor cost.
Drawings
FIG. 1 is a schematic diagram of a deep convolutional neural network unit for feature learning;
FIG. 2 is a schematic diagram of a BP neural network for similarity comparison;
FIG. 3 is a schematic flow chart of an embodiment.
Detailed Description
The embodiment comprises the following steps: a preprocessing module, a training module, and a prediction module, wherein: and the preprocessing module reads in the vulnerability code base, converts the vulnerability code base into an assembly code if the object code is a source code, and performs disassembly operation if the object code is a binary code to obtain the assembly code. Generating a control flow graph from the assembly codes, encoding the control flow graph to convert the control flow graph into vectors, combining the vectors to form a two-dimensional vector, which is equivalent to synthesizing into an image; the training module consists of two sub-modules: a convolution neural network unit for feature learning, which applies a deep convolution network to carry out the processes of feature extraction and training; and the BP neural network unit for similarity comparison is used for carrying out code similarity analysis by using cluster analysis so as to find the vulnerability codes. And the prediction module performs prediction work on the code to be detected, judges whether the code contains a leak or not, and finally detects the code judged to have the leak by manpower.
The vulnerability code base is a vulnerability code collected from the CVE database.
The vulnerability codes targeted by the embodiment are C language and C + + language.
The preprocessing module converts the codes into images, and specifically comprises the following steps: when the object code is C language and C + + language, the gcc is compiled into assembly code; when the target code is a binary code, the binary code is converted into an assembly code manually by means of a conversion tool, a control flow graph of the assembly code is further obtained by means of the conversion tool, and the control flow graph is further analyzed to obtain attributes of the control flow graph. And (3) mapping each node of the control flow graph to a vector by using a structure2vec algorithm, and combining the vectors into a two-dimensional vector, namely equivalent to an image.
The control flow graph refers to a graph representing all paths traversed in the process of executing a program in a form of graph, and is an important tool for program static analysis.
The attributes of the control flow graph refer to the attributes inside the nodes of the flow graph and the attributes between the nodes, and the specific parameters are as follows:
TABLE 1
The nodes of the control flow graph are specifically converted into vectors through a structure2vec algorithm, the algorithm adopts an iteration mode, not only the attribute characteristics of the nodes are reserved, but also the relationship between adjacent nodes is considered, and the method is specifically as follows:
xva d-dimensional vector representing the composition of attributes in Table one, N (v) represents all the adjacent nodes of a node v in a control flow graph g, and each node is from muv(0) Start iteration, μv(0) Is filled as a 0 vector, W1Is a d × P matrix, P denotes the length of the vector fill, Pi(i ═ 1, …, n) is a p × p matrix.
F(xv,∑u∈N(v)μu)=tanh(W1xv+σ(∑u∈N(v)μu))
σ(l)=P1×ReLU(P2×…ReLU(Pnl))
ReLU(x)=max{0,x}
In the structure2vec algorithm, all the attributes in table one are selected, i.e., d is 8 in this embodiment.
The training module comprises: the convolutional neural network unit, the parameter adjustment unit of convolutional neural network, BP neural network unit and the parameter adjustment unit of BP neural network unit, wherein: the convolutional neural network unit is connected with the preprocessing module, receives the two-dimensional vector, performs feature extraction and trains to obtain neural network parameters for identifying vulnerability features, the parameter adjusting unit of the convolutional neural network is connected with the convolutional neural network unit and transmits the adjusted neural network parameters, the BP neural network unit is connected with the preprocessing module, receives the two-dimensional vector, performs similarity analysis and trains to obtain neural network parameters for judging code similarity, and the parameter adjusting unit of the BP neural network unit is connected with the BP neural network unit and transmits the adjusted neural network parameters.
The convolutional neural network unit automatically extracts features of a two-dimensional vector through a convolutional neural network, as shown in fig. 1, the convolutional neural network unit includes: input layer, first convolution layer, first active layer, first pooling layer, second convolution layer, second active layer, second pooling layer, first full-link layer, second full-link layer and the active layer that connects gradually, wherein: the convolution layer is used for extracting features, the pooling layer is used for compressing and extracting main features of an image, the activation layer is used for introducing nonlinearity, and the full-connection layer is used for connecting all the features for classification, namely after training and extracting the features through two layers of 3 × 3 convolution kernels and the pooling layer, whether the features are leaks or not is judged through the two layers of the full-connection layer.
As shown in fig. 2, the BP neural network unit performs cosine operation on the two-dimensional vector obtained by structure2vec algorithm conversion, and outputs 1 if the target code is similar to the bug code, which is different from-1, specifically:wherein: g denotes a control flow graph which is,the structure2vec algorithm is shown.
The prediction module comprises: discrimination module, log module and artifical discrimination module, wherein: the judging module is connected with the training module and receives results of feature learning and binary comparison, the log module is connected with the judging module, an input data flow graph and a control flow graph are generated for codes judged to be leaky, manual detection of engineers is facilitated, the manual judging module is connected with the log module, and when the codes judged to be leaky by the model pass through the log module to generate a data flow graph, and the data flow graph is submitted to manual detection. And (4) judging whether the loopholes detected by the model are available loopholes or not by manpower finally.
The results obtained after the system works according to the flow shown in fig. 3 include: [0,0], [0,1], [1,0], [1,1], wherein: 0 means no holes are included and 1 means holes are present. Both parameters are ORed, i.e. only the output of 0,0 is filtered out.
Compared with the traditional static analysis, the invention adds the structural characteristics and the instruction characteristics of the code for judgment, expands the characteristic space and has higher detectable rate. Compared with dynamic analysis, the method has obvious advantages in detection speed.
The foregoing embodiments may be modified in many different ways by those skilled in the art without departing from the spirit and scope of the invention, which is defined by the appended claims and all changes that come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.
Claims (8)
1. The utility model provides a vulnerability detection system based on deep convolutional network and control flow graph which characterized in that includes: a preprocessing module, a training module, and a prediction module, wherein: the preprocessing module reads in target codes in a vulnerability code base and generates a control flow graph and then converts the target codes into two-dimensional vectors, the feature learning module applies a deep convolutional network to carry out feature extraction and training from the two-dimensional vectors, and the training module comprises: the convolutional neural network unit is used for carrying out feature extraction on the two-dimensional vector by using a deep convolutional network and training to obtain a neural network parameter for identifying the vulnerability feature; the BP neural network unit performs similarity analysis on the target code and the vulnerability code by using a BP neural network and trains to obtain a neural network parameter for judging code similarity, the prediction module performs prediction work on the target code, judges whether the vulnerability is included according to the parameter obtained by the training module, and generates a vulnerability report for the code judged to have the vulnerability;
when the object code is a binary code, the preprocessing module firstly performs disassembly operation to obtain an assembly code; and generating a control flow graph according to the assembly code, mapping each node of the control flow graph to a vector, and combining to obtain the control flow graph.
2. The system of claim 1, wherein the vulnerability code library is a vulnerability code collected from a CVE database.
3. The system of claim 1, wherein the preprocessing module comprises: the control flow graph generation device comprises a compiler for compiling codes into assembly codes, a control flow graph generation unit for converting the assembly codes into the control flow graphs through an open source tool, and an encoding unit for encoding each node of the control flow graphs into vectors and combining the vectors into a two-dimensional vector.
4. The system of claim 3, wherein when the object code is binary code, the binary code is manually converted into assembly code, the assembly code is converted into a control flow graph of the assembly code, and the control flow graph is further analyzed to obtain the attributes of the control flow graph; and (3) mapping each node of the control flow graph to a vector by using a structure2vec algorithm, and combining the vectors into a two-dimensional vector.
5. The system of claim 4, wherein the structure2vec algorithm is specifically:
wherein: σ (l) ═ P1×ReLU(P2×...ReLU(Pnl)),ReLU(x)=max{0,x},xvA d-dimensional vector representing the composition of attributes within a node and attributes between nodes, N (v) representing all the adjacent nodes of node v in the control flow graph g, each node from muv (0)Start iteration, μv (0)Is filled with a 0 vector, W1Is a d × P matrix, P denotes the length of the vector fill, PiIs a p × p matrix, i ═ 1.., n,
the attributes inside the node comprise: string constants, number of branch instructions, number of call instructions, number of arithmetic instructions;
the attributes among the nodes comprise: the number of child nodes and the betweenness centrality.
6. The system of claim 1, wherein said training module comprises: the convolutional neural network unit, the parameter adjustment unit of convolutional neural network, BP neural network unit and the parameter adjustment unit of BP neural network unit, wherein: the convolutional neural network unit is connected with the preprocessing module, receives the two-dimensional vector, performs feature extraction and trains to obtain neural network parameters for identifying vulnerability features, the parameter adjusting unit of the convolutional neural network is connected with the convolutional neural network unit and transmits the adjusted neural network parameters, the BP neural network unit is connected with the preprocessing module, receives the two-dimensional vector, performs similarity analysis and trains to obtain neural network parameters for judging code similarity, and the parameter adjusting unit of the BP neural network unit is connected with the BP neural network unit and transmits the adjusted neural network parameters.
7. The system of claim 1 or 6, wherein said convolutional neural network unit comprises: the input layer, the first convolution layer, the first activation layer, the first pooling layer, the second convolution layer, the second activation layer, the second pooling layer, the first full-link layer, the second full-link layer and the activation layer which are connected in sequence are trained and feature-extracted through two layers of 3 x 3 convolution kernels and pooling layers, and then the input layer, the first convolution layer, the first activation layer, the first pooling layer, the second convolution layer, the second full-link layer and the activation layer are passed through the two layers of full-link layers to judge whether the input layer is a leak or not.
8. The system according to claim 1 or 6, wherein the BP neural network unit performs cosine operation on the two-dimensional vector obtained by structure2vec algorithm conversion, and outputs 1 if the codes are similar, which is different from-1, specifically:wherein: g denotes a control flow graph which is,the structure2vec algorithm is shown.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711325630.6A CN108108622B (en) | 2017-12-13 | 2017-12-13 | Vulnerability detection system based on deep convolutional network and control flow graph |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711325630.6A CN108108622B (en) | 2017-12-13 | 2017-12-13 | Vulnerability detection system based on deep convolutional network and control flow graph |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108108622A CN108108622A (en) | 2018-06-01 |
CN108108622B true CN108108622B (en) | 2021-03-16 |
Family
ID=62215679
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711325630.6A Active CN108108622B (en) | 2017-12-13 | 2017-12-13 | Vulnerability detection system based on deep convolutional network and control flow graph |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108108622B (en) |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109214191A (en) * | 2018-09-18 | 2019-01-15 | 北京理工大学 | A method of utilizing deep learning forecasting software security breaches |
EP3891637A1 (en) | 2018-12-03 | 2021-10-13 | British Telecommunications public limited company | Detecting vulnerability change in software systems |
WO2020114920A1 (en) | 2018-12-03 | 2020-06-11 | British Telecommunications Public Limited Company | Detecting vulnerable software systems |
EP3891638A1 (en) | 2018-12-03 | 2021-10-13 | British Telecommunications public limited company | Remediating software vulnerabilities |
WO2020114922A1 (en) | 2018-12-03 | 2020-06-11 | British Telecommunications Public Limited Company | Detecting anomalies in computer networks |
CN110147235B (en) * | 2019-03-29 | 2021-01-01 | 中国科学院信息工程研究所 | Semantic comparison method and device between source code and binary code |
CN110175454B (en) * | 2019-04-19 | 2021-03-26 | 佛山市微风科技有限公司 | Intelligent contract security vulnerability mining method and system based on artificial intelligence |
CN110598408B (en) * | 2019-08-23 | 2021-03-26 | 华中科技大学 | App clone detection method and system based on function layer coding |
CN110866254B (en) * | 2019-09-29 | 2023-06-30 | 华为终端有限公司 | Vulnerability detection method and electronic equipment |
CN110943981B (en) * | 2019-11-20 | 2022-04-08 | 中国人民解放军战略支援部队信息工程大学 | Cross-architecture vulnerability mining method based on hierarchical learning |
CN110995713A (en) * | 2019-12-06 | 2020-04-10 | 北京理工大学 | Botnet detection system and method based on convolutional neural network |
CN111552969A (en) * | 2020-04-21 | 2020-08-18 | 中国电力科学研究院有限公司 | Embedded terminal software code vulnerability detection method and device based on neural network |
CN111639344B (en) * | 2020-07-31 | 2020-11-20 | 中国人民解放军国防科技大学 | Vulnerability detection method and device based on neural network |
CN113468525B (en) * | 2021-05-24 | 2023-06-27 | 中国科学院信息工程研究所 | Similar vulnerability detection method and device for binary program |
CN113434858B (en) * | 2021-05-25 | 2022-11-01 | 天津大学 | Malicious software family classification method based on disassembly code structure and semantic features |
CN113449303B (en) * | 2021-06-28 | 2022-11-11 | 杭州云象网络技术有限公司 | Intelligent contract vulnerability detection method and system based on teacher-student network model |
CN114020628A (en) * | 2021-11-09 | 2022-02-08 | 中国工商银行股份有限公司 | Code vulnerability detection method and device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106648818A (en) * | 2016-12-16 | 2017-05-10 | 华东师范大学 | Generation system of object code control flow diagram |
CN106681917A (en) * | 2016-12-21 | 2017-05-17 | 南京大学 | Method for automatically evaluating front ends on basis of neural networks |
-
2017
- 2017-12-13 CN CN201711325630.6A patent/CN108108622B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106648818A (en) * | 2016-12-16 | 2017-05-10 | 华东师范大学 | Generation system of object code control flow diagram |
CN106681917A (en) * | 2016-12-21 | 2017-05-17 | 南京大学 | Method for automatically evaluating front ends on basis of neural networks |
Non-Patent Citations (1)
Title |
---|
Anh Viet Phan;Minh Le Nguyen;Lam Thu Bui."Convolutional Neural Networks over Control Flow Graphs for Software Defect Prediction".《2017 IEEE 29th International Conference on Tools with Artificial Intelligence (ICTAI)》.2017, * |
Also Published As
Publication number | Publication date |
---|---|
CN108108622A (en) | 2018-06-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108108622B (en) | Vulnerability detection system based on deep convolutional network and control flow graph | |
CN111639344B (en) | Vulnerability detection method and device based on neural network | |
CN108647520B (en) | Intelligent fuzzy test method and system based on vulnerability learning | |
CN108334781B (en) | Virus detection method, device, computer readable storage medium and computer equipment | |
CN114882421B (en) | Skeleton behavior recognition method based on space-time characteristic enhancement graph convolution network | |
CN109844655B (en) | Method and device for controlling technical system based on control model | |
CN109639734B (en) | Abnormal flow detection method with computing resource adaptivity | |
CN111552966A (en) | Malicious software homology detection method based on information fusion | |
CN108229170B (en) | Software analysis method and apparatus using big data and neural network | |
CN114821204B (en) | Meta-learning-based embedded semi-supervised learning image classification method and system | |
CN111444513B (en) | Firmware compiling optimization option identification method and device for power grid embedded terminal | |
CN105989287A (en) | Method and system for judging homology of massive malicious samples | |
CN110677437A (en) | User disguised attack detection method and system based on potential space countermeasure clustering | |
CN110941829B (en) | Large-scale hardware Trojan horse library generation system and method based on generation countermeasure network | |
CN117421740A (en) | Source code vulnerability detection method and device based on heterogeneous graph transformation network | |
CN114138653A (en) | Mobile application cross-platform reinforcement learning traversal test technology based on depth image understanding | |
CN117725592A (en) | Intelligent contract vulnerability detection method based on directed graph annotation network | |
CN112487368A (en) | Function level confusion detection method based on graph convolution network | |
CN114707151B (en) | Zombie software detection method based on API call and network behavior | |
CN110489348A (en) | A kind of software function defect method for digging based on transfer learning | |
CN114817925B (en) | Android malicious software detection method and system based on multi-modal graph features | |
CN116561761A (en) | Vulnerability detection method and system based on intelligent contract byte codes | |
CN114416520B (en) | Fuzzy test method and device for Windows program graphical interface bypass | |
CN107622201B (en) | A kind of Android platform clone's application program rapid detection method of anti-reinforcing | |
CN115982719A (en) | Knowledge graph-based artificial intelligence intrusion and attack simulation system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |