CN109657466A - A kind of function grade software vulnerability detection method - Google Patents

A kind of function grade software vulnerability detection method Download PDF

Info

Publication number
CN109657466A
CN109657466A CN201811417338.1A CN201811417338A CN109657466A CN 109657466 A CN109657466 A CN 109657466A CN 201811417338 A CN201811417338 A CN 201811417338A CN 109657466 A CN109657466 A CN 109657466A
Authority
CN
China
Prior art keywords
code
training
initial characteristics
neural network
software
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811417338.1A
Other languages
Chinese (zh)
Inventor
项阳
张军
王宇
项亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Yingshi Information Technology Co Ltd
Original Assignee
Hangzhou Yingshi Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Yingshi Information Technology Co Ltd filed Critical Hangzhou Yingshi Information Technology Co Ltd
Priority to CN201811417338.1A priority Critical patent/CN109657466A/en
Publication of CN109657466A publication Critical patent/CN109657466A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • G06N3/084Backpropagation, e.g. using gradient descent

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Biophysics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Biomedical Technology (AREA)
  • Virology (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Molecular Biology (AREA)
  • Mathematical Physics (AREA)
  • Stored Programmes (AREA)

Abstract

The present invention relates to software security flaw detection technique fields, and in particular to a kind of function grade software vulnerability detection method, comprising the following steps: A) import training code;B the abstract semantics tree for) obtaining training code, forms initial characteristics vector;C) function name and the unitized processing of variable name;D primitive character) is obtained;E feature representation) is obtained;F) training neural network model;G the feature representation of software code to be detected) is obtained, the neural network model that feature representation input step F to be detected is trained obtains Hole Detection result.Substantial effect of the invention is: processing of this programme by using a series of method cooperation Bi-LSTM neural network of simplicity to code, the high-level abstractions semantic feature of function can directly be extracted, manpower and material resources are saved, and extracted high-level abstractions semantic feature can also implement spanned item purpose Hole Detection.

Description

A kind of function grade software vulnerability detection method
Technical field
The present invention relates to software security flaw detection technique fields, and in particular to a kind of function grade software vulnerability detection side Method.
Background technique
Software vulnerability detection technique resists measure as a kind of preventative attack, in computer safety field by pass Note.The angle of runs software system whether is needed to classify when from examinations, existing software defect and Hole Detection can divide For static state, dynamically with mixing three types of technology.Static Analysis Technology is such as: rule-based matching and semiology analysis are soft by analyzing Part source code is realized.Dynamic software analysis technology generally includes fuzz testing and stain analytical technology.These technologies master Lay particular emphasis on loophole that may be present when analysis software operation.Hybrid analysis technique combines static and dynamic analysis advantages, As analysis mode relatively advanced in field of software engineering.
With the development of machine learning techniques, by machine learning techniques be applied to the research of software vulnerability detection also gradually by To attention.It is existing to primarily focus on detection presence using machine learning techniques come the scheme of inspection software defect and software vulnerability The software module and file of loophole.Neuhaus et al. discovery, there are the software module of loophole libraries usually having the same to draw for those With and function call.Library reference and function call are abstracted as feature by them, and use support vector machines (SVM) as classification Device.They use the Mozilla software project of getting up early version as training classifier sample, and with trained classifier come Detect the Mozilla software of more recent version.Their experiment shows the prediction for using library reference and function call as software vulnerability Index is rather effective.Scandariato et al. is carried out Java source code directly as text using Text Mining Technology Processing.They are by the frequency of keyword in statistics codes and word and using these as feature come training pattern.Their experiment It proves, directly also can detect loophole in software module rank using source code as text combination machine learning techniques.
Chowdhury and Zulkernine and Shin et al. construct the Hole Detection scheme based on file-level.He The feature that is relied on of scheme be mainly derived from: software code complexity metric and is found soft code change log in advance Part defect.Some file can be helped to position with the presence or absence of loophole based on the classifier that these features are trained.Yamaguchi etc. People proposes fine-grained Hole Detection scheme, can detecte function rank loophole.F. Yamaguchi, F. are shown in detailed description Lindner, and K. Rieck, “Vulnerability extrapolation: assisted discovery of vulnerabilities using machine learning,” in Proceedings of the 5th USENIX conference on Offensive technologies. USENIX Association, 2011, pp. 13–13..He Scheme be to have leaky function code in source code mode (pattern) carry out principal component analysis (PCA).Pass through The mode of the mode of the code of other functions and the code of leaky function is compared, according to the similitude compared come ranking To infer that there may be the functions of loophole.
But it is existing had using machine learning techniques come the scheme of inspection software defect and software vulnerability lack generalization ability The problem of.Gap between different software project makes spanned item mesh Hole Detection have very big challenge.Firstly, different software project In file, variable naming, the dependence library that uses and functionally there is huge spread.This allows for traditional detection scheme, especially It is the detection that the model of training on project A can not be directly used for project B by the scheme based on machine learning techniques.It searches to the bottom, It is the difference due to software project, the code realized is naturally multifarious, and possessed loophole is also different.Traditional skill Why art is not able to achieve spanned item mesh Hole Detection, and reason is that the essence of bug code, profound spy can not be captured Sign.Secondly, most of scheme, which rests on, solves projects module and file loophole level, there are no scheme realize spanned item mesh and In the Hole Detection of function rank, therefore the blank has been filled up in this programme proposition.
Chinese patent CN101847121B, publication date on January 18th, 2012, a kind of method for discovering software vulnerabilities belong to soft Part engineering and information security field.The method include the steps that 1) multiple normal datas are inputted target program, the fortune of the target program is collected Information when row;2) lopsided data are generated, and are inputted the target program, information when collecting the operation of the target program;3) root According to information when the operation 1), 2) collected, the detection code that sum is verified in the target program is identified;4) the detection generation of modification verification sum Code, so that consistent when process performing when target program processing deformity data is with processing normal data;5) several lopsided numbers are generated According to and input modified target program, the lopsided data that it will be made to collapse are as sample data;6) each sample data is modified The thresholding of middle verification sum is simultaneously inputted former target program, and report one is potential if if former target program collapse or being abnormal Security breaches.Compared with prior art, the present invention can greatly improve the efficiency of bug excavation.Which employs stains to analyze skill Art, stain data, i.e., lopsided data are different on each software project, and some software vulnerabilities can not pass through lopsided number According to embodying, thus it does not solve the problems, such as that the scheme of current software vulnerability detection lacks generalization ability.
Summary of the invention
The technical problem to be solved by the present invention is the problem of scheme of software vulnerability detection at present lacks generalization ability.It mentions Gone out it is a kind of extract software code further feature being capable of the convenient function grade software vulnerability detection method across item detection.
In order to solve the above technical problems, the technical solution used in the present invention are as follows: a kind of function grade software vulnerability detection side Method, comprising the following steps: A) it imports and trains code, known to the loophole of the trained code;B the abstract language of training code) is obtained Justice tree, the element for extracting abstract semantics tree one by one form one-dimensional vector, referred to as initial characteristics vector;C) by initial characteristics vector In include function name and the unitized processing of variable name;D) the top n element of interception step B treated feature vector, makees For primitive character;E the bidirectional circulating neural network (Bi-LSTM) that primitive character input has been trained) is obtained into feature representation;F) will Loophole known to feature representation and training code is as training data, training neural network model;G) by software code to be detected Feature representation to be detected, the neural network that feature representation input step F to be detected is trained are obtained according to the method for step B-E Model obtains the Hole Detection result of software to be detected.Function name and the unitized processing of variable name can be eliminated into function name And variable name naming method difference bring influences, to provide condition across item detection.Primitive character is passed through into bidirectional circulating , can be by the code classification with same characteristic features to one kind after neural network (Bi-LSTM) is further processed, and then pass through step The neural network model obtained in F obtains the result of software vulnerability detection.
Preferably, obtain training code method are as follows: A1) obtain known security flaw information software source code and Safety loophole information;A2 the code segment corresponding to it) is marked using security breaches;A3) by the code with security breaches label Duan Zuowei trains code.
Preferably, the generation method of initial characteristics vector are as follows: by the element in abstract semantics tree, with depth-first traversal Mode take out one by one, obtain a sequence, the sequence is as initial characteristics vector.
Preferably, the training method of bidirectional circulating neural network (Bi-LSTM) are as follows: E1) obtain known security flaw letter The software source code and safety loophole information of breath;E2 the corresponding code segment of each security breaches) is extracted;E3) step E2 is obtained Several code segments obtained, obtain its primitive character according to step B-D respectively;E4) made using its primitive character of code segment mark For training sample data;E5) training sample data training bidirectional circulating neural network (Bi-LSTM) obtained using step E4.
Preferably, the training method of bidirectional circulating neural network (Bi-LSTM) are as follows: E1) obtain known security flaw letter The software source code and safety loophole information of breath;E2 the corresponding code segment of each security breaches) is extracted;E3) if manually writing Dry has the spreading code section of same security breaches with several code segments that step E2 is obtained, and step E2 is obtained several A code segment and its spreading code section with same security breaches by manually writing obtain its original according to step B-D respectively Beginning feature;E4) use the primitive character of code segment marker code section and its spreading code section as training sample data;E5) Training sample data training bidirectional circulating neural network (Bi-LSTM) obtained using step E4.
Preferably, first 10 layers that intercept abstract semantics tree in step B are used to generate initial characteristics vector, the initial spy The regular element of sign vector is 620, regular method are as follows: give up the element in initial characteristics vector more than 620, initial characteristics At vector element lazy weight 620,0 is mended after initial characteristics vector and gathers together enough 620 elements.
Preferably, the method for the unitized processing of function name and variable name are as follows: C1) the name mapping table of blank is established, Setting variable t is 0;C2 the element of initial characteristics vector) is successively extracted, if skipping step there are the element in name mapping table C3, conversely, entering step C3;C3 the element) is added to name mapping table, and the current value of the element and variable t is mapped, Then the value of variable t increases 1;C4) numerical value in mapping table with element mapping will be named to substitute the element;C5 step C2-) is repeated C4 obtains function name and unitized treated the initial characteristics vector of variable name until traversing the initial characteristics vector.
Substantial effect of the invention is: this programme cooperates Bi-LSTM nerve net by using a series of method of simplicity Processing of the network to code can directly extract the high-level abstractions semantic feature of function, save manpower and material resources, and extracted High-level abstractions semantic feature can also implement spanned item purpose Hole Detection.
Detailed description of the invention
Fig. 1 is one leak detection method flow diagram of embodiment.
Fig. 2 is the citing of one primitive character generating process of embodiment.
Specific embodiment
Below by specific embodiment, and in conjunction with attached drawing, a specific embodiment of the invention is further described in detail.
Embodiment one:
A kind of function grade software vulnerability detection method, as shown in Figure 1, being one leak detection method flow diagram of embodiment, this reality Example is applied the following steps are included: A) it imports and trains code, known to the loophole of training code;B the abstract semantics of training code) are obtained Tree, the element for extracting abstract semantics tree one by one form one-dimensional vector, referred to as initial characteristics vector;It C) will be in initial characteristics vector The unitized processing of the function name and variable name for including;D) the top n element of interception step B treated feature vector, as Primitive character;E the bidirectional circulating neural network (Bi-LSTM) that primitive character input has been trained) is obtained into feature representation;It F) will be special Sign expression is with loophole known to training code as training data, training neural network model;G) software code to be detected is pressed Feature representation to be detected, the neural network mould that feature representation input step F to be detected is trained are obtained according to the method for step B-E Type obtains the Hole Detection result of software to be detected.By the unitized processing of function name and variable name can eliminate function name with And variable name naming method difference bring influences, to provide condition across item detection.By primitive character by bidirectional circulating mind , can be by the code classification with same characteristic features to one kind after network (Bi-LSTM) is further processed, and then pass through step F The neural network model of middle acquisition obtains the result of software vulnerability detection.
Obtain training code method are as follows: A1) obtain known security flaw information software source code and security breaches Information;A2 the code segment corresponding to it) is marked using security breaches;A3) using the code segment with security breaches label as instruction Practice code.In the primary implementation of applicant, the loophole data source of use is in online disclosed and more authoritative loophole Data knowledge library mainly includes American National vulnerability scan (NVD) and Common Vulnerability and Exposures (CVE) tissue.The data provided by above data library and tissue, it is soft that 3 sections of common open sources are marked in applicant The vulnerability information of all function ranks until part LibTIFF, LibPNG and FFmpeg in July, 2017 learns as classifier Template and foundation.
Feature extraction can be divided into two steps: the acquisition of " original " feature extraction and " deep layer abstract semantics tree table reaches ". " original " feature extraction is mainly the abstract semantics tree handled from code (mainly function code block).We use The tool of Yamaguchi et al. exploitation can extract abstract semantics tree in the case where no translation and compiling environment and dependence library, in detail Illustrate to see F. Yamaguchi, M. Lottmann, and K. Rieck, " Generalized vulnerability extrapolation using abstract syntax trees,”in Proceedings of the 28th Annual Computer Security Applications Conference. ACM, 2012, pp. 359–368..Later, it needs It is further to the abstract semantics tree of generation to be handled.This programme first traverses tree by the way of depth-first, The result is that converting sequence for original tree.As shown in Fig. 2, illustrating for one primitive character generating process of embodiment, just The generation method of beginning feature vector are as follows: obtain the abstract semantics tree of function source code, function source code is taken out as shown in 1 in Fig. 2 As semantic tree such as in Fig. 22 shown in, the element in abstract semantics tree is taken out one by one in a manner of depth-first traversal, obtain One sequence, the function foo sequence as shown in 3 in Fig. 2, sequence is as initial characteristics vector.Then, the letter to serializing is needed Number carries out Fuzzy Processing, erases distinctive name in project.For example, the title of different functions can be foo, foo1, foo2 etc.; Name variable can be x, y or z.Unified in order to reach, the present embodiment carries out function name and change using the method that number replaces Measure the unitized processing of name.The method of the unitized processing of function name and variable name are as follows: C1) the name mapping table of blank is established, Setting variable t is 0;C2 the element of initial characteristics vector) is successively extracted, if skipping step there are the element in name mapping table C3, conversely, entering step C3;C3 the element) is added to name mapping table, and the current value of the element and variable t is mapped, Then the value of variable t increases 1;C4) numerical value in mapping table with element mapping will be named to substitute the element;C5 step C2-) is repeated C4 obtains unitized treated the initial characteristics vector of function name and variable name until traversing initial characteristics vector.In Fig. 2 After the progress function name of function foo shown in 4 and variable name are unitized, the sequence of generation, as primitive character.
Finally, needing to carry out original feature the extraction of semantics of deep layer.Applicant uses Bi-LSTM network to realize Extraction to profound semantic meaning representation.The training method of bidirectional circulating neural network (Bi-LSTM) are as follows: E1) obtain known safe The software source code and safety loophole information of vulnerability information;E2 the corresponding code segment of each security breaches) is extracted;It E3) will step Several code segments that rapid E2 is obtained, obtain its primitive character according to step B-D respectively;E4) using code segment mark, its is original Feature is as training sample data;E5) the training sample data training bidirectional circulating neural network (Bi- obtained using step E4 LSTM).To obtain the further feature of software code, code sequential write difference, function name variable name naming rule are eliminated Difference influences software vulnerability detection bring, has good generalization.There is the profound semantic table of function code block Reach, can use these semantic meaning representations as feature come using.This programme cooperates Bi- by using a series of method of simplicity Processing of the LSTM neural network to code can directly extract the high-level abstractions semantic feature of function, save manpower and material resources, and And extracted high-level abstractions semantic feature can also implement spanned item purpose Hole Detection.
First 10 layers that abstract semantics tree is intercepted in step B are used to generate initial characteristics vector, the element of initial characteristics vector Regular is 620, regular method are as follows: gives up the element in initial characteristics vector more than 620, initial characteristics vector element quantity When less than 620,0 is mended after initial characteristics vector and gathers together enough 620 elements.
Embodiment two:
A kind of function grade software vulnerability detection method, training method of the present embodiment to bidirectional circulating neural network (Bi-LSTM) Make specific improvement, in the present embodiment, the training method of bidirectional circulating neural network (Bi-LSTM) are as follows: E1) obtain known safe The software source code and safety loophole information of vulnerability information;E2 the corresponding code segment of each security breaches) is extracted;E3) artificial Several spreading code sections with several code segments that step E2 is obtained with same security breaches are write, step E2 is obtained Several code segments and its spreading code section with same security breaches by manually writing, obtained respectively according to step B-D Obtain its primitive character;E4) use the primitive character of code segment marker code section and its spreading code section as number of training According to;E5) training sample data training bidirectional circulating neural network (Bi-LSTM) obtained using step E4.Remaining step is the same as real Apply example one.
Above-mentioned embodiment is only a preferred solution of the present invention, not the present invention is made in any form Limitation, there are also other variations and modifications on the premise of not exceeding the technical scheme recorded in the claims.

Claims (7)

1. a kind of function grade software vulnerability detection method, which is characterized in that
The following steps are included:
A it) imports and trains code, known to the loophole of the trained code;
B the abstract semantics tree of training code) is obtained, the element for extracting abstract semantics tree one by one forms one-dimensional vector, referred to as just Beginning feature vector;
C) by the unitized processing of the function name and variable name that include in initial characteristics vector;
D) the top n element of interception step B treated feature vector, as primitive character;
E the bidirectional circulating neural network (Bi-LSTM) that primitive character input has been trained) is obtained into feature representation;
F) using loophole known to feature representation and training code as training data, training neural network model;
G software code to be detected) is obtained into feature representation to be detected according to the method for step B-E, feature representation to be detected is defeated Enter the neural network model that step F is trained, obtains the Hole Detection result of software to be detected.
2. a kind of function grade software vulnerability detection method according to claim 1, which is characterized in that
The method for obtaining training code are as follows:
A1 the software source code and safety loophole information of known security flaw information) are obtained;
A2 the code segment corresponding to it) is marked using security breaches;
A3) using the code segment with security breaches label as training code.
3. a kind of function grade software vulnerability detection method according to claim 1 or 2, which is characterized in that
The generation method of initial characteristics vector are as follows: by the element in abstract semantics tree, taken one by one in a manner of depth-first traversal Out, a sequence is obtained, the sequence is as initial characteristics vector.
4. a kind of function grade software vulnerability detection method according to claim 1 or 2, which is characterized in that
The training method of bidirectional circulating neural network (Bi-LSTM) are as follows:
E1 the software source code and safety loophole information of known security flaw information) are obtained;
E2 the corresponding code segment of each security breaches) is extracted;
E3) several code segments for obtaining step E2 obtain its primitive character according to step B-D respectively;
E4) use its primitive character of code segment mark as training sample data;
E5) training sample data training bidirectional circulating neural network (Bi-LSTM) obtained using step E4.
5. a kind of function grade software vulnerability detection method according to claim 1 or 2, which is characterized in that
The training method of bidirectional circulating neural network (Bi-LSTM) are as follows:
E1 the software source code and safety loophole information of known security flaw information) are obtained;
E2 the corresponding code segment of each security breaches) is extracted;
E3 several spreading code sections with several code segments that step E2 is obtained with same security breaches) are manually write, By step E2 several code segments obtained and its spreading code section with same security breaches by manually writing, according to step Rapid B-D obtains its primitive character respectively;
E4) use the primitive character of code segment marker code section and its spreading code section as training sample data;
E5) training sample data training bidirectional circulating neural network (Bi-LSTM) obtained using step E4.
6. a kind of function grade software vulnerability detection method according to claim 1 or 2, which is characterized in that
First 10 layers that abstract semantics tree is intercepted in step B are used to generate initial characteristics vector, the element of the initial characteristics vector Regular is 620, regular method are as follows: gives up the element in initial characteristics vector more than 620, initial characteristics vector element quantity When less than 620,0 is mended after initial characteristics vector and gathers together enough 620 elements.
7. a kind of function grade software vulnerability detection method according to claim 1 or 2, which is characterized in that
Function name and the method for the unitized processing of variable name are as follows:
C1 the name mapping table for) establishing blank, setting variable t is 0;
C2 the element of initial characteristics vector) is successively extracted, if there are the elements in name mapping table, skips step C3, conversely, Enter step C3;
C3 the element) is added to name mapping table, and the current value of the element and variable t is mapped, then the value of variable t increases 1;
C4) numerical value in mapping table with element mapping will be named to substitute the element;
C5 step C2-C4) is repeated until traversing the initial characteristics vector, after obtaining function name and the unitized processing of variable name Initial characteristics vector.
CN201811417338.1A 2018-11-26 2018-11-26 A kind of function grade software vulnerability detection method Pending CN109657466A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811417338.1A CN109657466A (en) 2018-11-26 2018-11-26 A kind of function grade software vulnerability detection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811417338.1A CN109657466A (en) 2018-11-26 2018-11-26 A kind of function grade software vulnerability detection method

Publications (1)

Publication Number Publication Date
CN109657466A true CN109657466A (en) 2019-04-19

Family

ID=66112386

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811417338.1A Pending CN109657466A (en) 2018-11-26 2018-11-26 A kind of function grade software vulnerability detection method

Country Status (1)

Country Link
CN (1) CN109657466A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110119627A (en) * 2019-05-22 2019-08-13 刘士刚 Automate artificial intelligence leakage location
CN111090860A (en) * 2019-12-10 2020-05-01 北京邮电大学 Code vulnerability detection method and device based on deep learning
CN112115476A (en) * 2020-08-06 2020-12-22 扬州大学 LSTM-based vulnerability automatic classification method, system and computer equipment
CN112328469A (en) * 2020-10-22 2021-02-05 南京航空航天大学 Function level defect positioning method based on embedding technology
CN113806750A (en) * 2021-09-24 2021-12-17 深信服科技股份有限公司 File security risk detection method, model training method, device and equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140090064A1 (en) * 2012-09-25 2014-03-27 International Business Machines Corporation Training classifiers for program analysis
CN105677558A (en) * 2015-07-02 2016-06-15 哈尔滨安天科技股份有限公司 Script heuristic detection method and system based on form normalization
CN107516041A (en) * 2017-08-17 2017-12-26 北京安普诺信息技术有限公司 WebShell detection methods and its system based on deep neural network
CN107885999A (en) * 2017-11-08 2018-04-06 华中科技大学 A kind of leak detection method and system based on deep learning

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140090064A1 (en) * 2012-09-25 2014-03-27 International Business Machines Corporation Training classifiers for program analysis
CN105677558A (en) * 2015-07-02 2016-06-15 哈尔滨安天科技股份有限公司 Script heuristic detection method and system based on form normalization
CN107516041A (en) * 2017-08-17 2017-12-26 北京安普诺信息技术有限公司 WebShell detection methods and its system based on deep neural network
CN107885999A (en) * 2017-11-08 2018-04-06 华中科技大学 A kind of leak detection method and system based on deep learning

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110119627A (en) * 2019-05-22 2019-08-13 刘士刚 Automate artificial intelligence leakage location
CN111090860A (en) * 2019-12-10 2020-05-01 北京邮电大学 Code vulnerability detection method and device based on deep learning
CN112115476A (en) * 2020-08-06 2020-12-22 扬州大学 LSTM-based vulnerability automatic classification method, system and computer equipment
CN112115476B (en) * 2020-08-06 2023-10-24 扬州大学 Automatic vulnerability classification method, system and computer equipment based on LSTM
CN112328469A (en) * 2020-10-22 2021-02-05 南京航空航天大学 Function level defect positioning method based on embedding technology
CN112328469B (en) * 2020-10-22 2022-03-18 南京航空航天大学 Function level defect positioning method based on embedding technology
CN113806750A (en) * 2021-09-24 2021-12-17 深信服科技股份有限公司 File security risk detection method, model training method, device and equipment
CN113806750B (en) * 2021-09-24 2024-02-23 深信服科技股份有限公司 File security risk detection method, training method, device and equipment of model

Similar Documents

Publication Publication Date Title
CN109657466A (en) A kind of function grade software vulnerability detection method
Caliskan-Islam et al. De-anonymizing programmers via code stylometry
CN100485703C (en) Method and system for processing computer malicious code
Alrubaye et al. Learning to recommend third-party library migration opportunities at the API level
CN113821804B (en) Cross-architecture automatic detection method and system for third-party components and security risks thereof
Ceccato et al. SOFIA: An automated security oracle for black-box testing of SQL-injection vulnerabilities
CN110399300A (en) A kind of Python software obfuscation test method based on regime type perception
Ming et al. Memoized semantics-based binary diffing with application to malware lineage inference
Wang et al. Pynose: a test smell detector for python
CN106055479B (en) A kind of Android application software testing method based on compulsory execution
CN108229170B (en) Software analysis method and apparatus using big data and neural network
Ganz et al. Explaining graph neural networks for vulnerability discovery
Martín et al. A new tool for static and dynamic Android malware analysis
Rabin et al. Syntax-guided program reduction for understanding neural code intelligence models
Cao et al. FTCLNet: Convolutional LSTM with Fourier transform for vulnerability detection
Cheers et al. Spplagiarise: A tool for generating simulated semantics-preserving plagiarism of java source code
Rani et al. What do developers discuss about code comments?
CN116578980A (en) Code analysis method and device based on neural network and electronic equipment
Khaliq et al. Using deep learning for selenium web UI functional tests: A case-study with e-commerce applications
Michelon et al. Spectrum-based feature localization for families of systems
Zeng et al. An efficient vulnerability extrapolation using similarity of graph kernel of pdgs
Kang A review on javascript engine vulnerability mining
Le et al. Refixar: Multi-version reasoning for automated repair of regression errors
Xu et al. Mining executable specifications of web applications from selenium ide tests
Rahman et al. A Mapping Study of Security Vulnerability Detection Approaches for Web Applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190419