CN112257077A - Automatic vulnerability mining method based on deep learning - Google Patents
Automatic vulnerability mining method based on deep learning Download PDFInfo
- Publication number
- CN112257077A CN112257077A CN202011256543.1A CN202011256543A CN112257077A CN 112257077 A CN112257077 A CN 112257077A CN 202011256543 A CN202011256543 A CN 202011256543A CN 112257077 A CN112257077 A CN 112257077A
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- deep learning
- application program
- analysis
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 238000005065 mining Methods 0.000 title claims abstract description 51
- 238000013135 deep learning Methods 0.000 title claims abstract description 41
- 238000012360 testing method Methods 0.000 claims abstract description 64
- 230000003068 static effect Effects 0.000 claims abstract description 40
- 238000013136 deep learning model Methods 0.000 claims abstract description 31
- 230000004044 response Effects 0.000 claims abstract description 26
- 230000009193 crawling Effects 0.000 claims description 9
- 238000010801 machine learning Methods 0.000 claims description 8
- 238000010219 correlation analysis Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 claims description 5
- 230000003044 adaptive effect Effects 0.000 claims description 3
- 238000012098 association analyses Methods 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims 1
- 230000000694 effects Effects 0.000 abstract description 10
- 238000009412 basement excavation Methods 0.000 abstract description 9
- 238000005516 engineering process Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000010998 test method Methods 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000005067 remediation Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3676—Test management for coverage analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/951—Indexing; Web crawling techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Data Mining & Analysis (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Computing Systems (AREA)
- Debugging And Monitoring (AREA)
Abstract
An automatic vulnerability mining method based on deep learning, S1, generating a vulnerability database; s2, generating a deep learning model; s3, determining an object to be detected included in the application program, and setting test parameters by taking the object to be detected as a target to obtain a test object; s4, sending a test request aiming at the test object to the application program, and testing according to the response result; s5, determining the type of the source code data; s6, performing static analysis and learning on the static characteristics of the code; s7, correcting the analysis result of the static analysis through the dynamic analysis; s8, carrying out vulnerability mining; s9, judging whether a leak exists according to the mining result; and S10, completing the deep learning model. The method automatically excavates the bugs in the software and the application program based on deep learning, has high excavation efficiency and good excavation effect, solves the problems of high missing report rate of static analysis and low code coverage rate of dynamic analysis, obviously improves the performance in the aspect of bug excavation and has excellent use effect.
Description
Technical Field
The invention relates to the technical field of vulnerability mining, in particular to an automatic vulnerability mining method based on deep learning.
Background
With the rapid development of social information technology, various application software in the market comes along with the operation, most of the software is put into use without standard examination and strict test, and a great amount of software bugs which can be attacked and utilized exist in the software; at present, the main factor threatening the system security is that unknown vulnerabilities exist in application software, various communication security protocols, an operating system forming an information system and the like. For various reasons, the existence of vulnerabilities cannot be avoided, and if some relatively serious unknown vulnerabilities are discovered by an attacker, the unknown vulnerabilities are likely to be exploited by the attacker, and the attacker can access or destroy the computer system without authorization. The method can effectively reduce the threat of the potential vulnerability to the safety of the information system by discovering and repairing the vulnerability in time before an attacker; the vulnerability mining technology is to explore unknown vulnerabilities, comprehensively apply various technologies and tools, find hidden vulnerabilities in software as much as possible, deeply analyze the details of the discovered vulnerabilities, and lay a cushion for processing measures such as vulnerability utilization and remediation;
with the rise of the artificial intelligence industry, a large amount of vulnerability mining research based on machine learning comes to the fore, a large amount of vulnerability mining methods or tools are also developed, as vulnerability mining is a long-term process, but as the types of equipment, systems, protocols, applications, networks, signals and the like are various, vulnerability mining in the fields becomes a very complicated and difficult problem, even if the vulnerability is mined, continuous and efficient mining and defense ecology are difficult to form, malicious software detection is mainly carried out on the basis of a 'shallow' machine learning algorithm at present, static analysis is still the main means for analyzing software vulnerabilities at present, the mining efficiency is low, the mining effect is poor, the report missing rate of static analysis is high, and the performance of the 'shallow' machine learning algorithm is not good and needs to be improved.
Disclosure of Invention
Objects of the invention
In order to solve the technical problems in the background art, the invention provides an automatic vulnerability mining method based on deep learning, vulnerabilities in software and application programs are automatically mined based on the deep learning, the mining efficiency is high, the mining effect is good, the problems of high missing report rate of static analysis and low code coverage rate of dynamic analysis are solved, the vulnerability mining performance is obviously improved, and the using effect is excellent.
(II) technical scheme
The invention provides an automatic vulnerability mining method based on deep learning, which comprises the following steps:
s1, acquiring vulnerability information, sorting the vulnerability information, and generating a vulnerability database based on the vulnerability information, wherein the vulnerability database comprises a general vulnerability CVE number, a general vulnerability scoring system CVSS score and a vulnerability description field;
s2, introducing a deep learning method, and analyzing the vulnerability database based on the deep learning method to generate a deep learning model;
s3, acquiring application program information, determining an application program to be detected, and then determining an object to be detected included in the application program; setting test parameters by taking an object to be detected as a target to obtain a test object;
s4, sending a test request aiming at the test object to the application program, wherein the test request is used for indicating the application program to run the test object based on the test parameters, obtaining the response result of the application program to the test parameters, and testing according to the response result;
s5, identifying the source code data of the test object through the automatic code mode, determining the source code data type according to the identification result, performing correlation analysis and heuristic search according to the source code data type, and finding out the threat problems of the same source and the same parcel from the vulnerability database;
s6, receiving the test result and the source code analysis information sent by the application program, and performing static analysis and learning on the static characteristics of the code through a machine learning method based on the corresponding result; wherein the static features include lexical, grammatical, control flow and data flow of the code;
s7, correcting the analysis result of the static analysis through the dynamic analysis, and integrating the static characteristics obtained by the code analysis and the dynamic characteristics obtained by the dynamic execution to solve the problems of high missing report rate of the static analysis and low code coverage rate of the dynamic analysis;
s8, sending related information to the deep learning model for recognition, automatically selecting vulnerability characteristics by using the deep learning model, and combining deep learning and grammar semantic characteristics for vulnerability mining;
s9, judging whether a vulnerability exists according to the mining result, and if the vulnerability exists, determining the vulnerability included in the vulnerability mining result as the vulnerability of the application program;
and S10, the vulnerability database stores the identified vulnerabilities in a classified manner, and the vulnerability database is continuously analyzed based on a deep learning method so as to continuously improve a deep learning model.
Preferably, in S1, the vulnerability information is derived from the national vulnerability database, i.e., the vulnerability database itself is constructed by using the national vulnerability database NVD as a data source.
Preferably, in S1, the vulnerability database further includes the ease of acquisition, confidentiality impact, whether authentication is required, integrity impact, prerequisite privilege set, availability impact, result privilege set, and whether a network is required.
Preferably, in S1, the vulnerability description field refers to a natural language for describing vulnerability characteristics.
Preferably, in S2, the method further includes constructing an adaptive vulnerability mining operating environment based on the existing static and dynamic vulnerability mining methods.
Preferably, in S3, the process of determining the object to be detected included in the application program is specifically as follows:
acquiring a target URL of an application program to be detected and crawling the target URL to obtain a crawling response result; and acquiring the object to be detected included in the application program based on the target URL and the crawling response result.
Preferably, in S4, the test procedure is as follows:
establishing a configuration file for the application program, wherein the configuration file comprises a taint analysis strategy; starting the application program through a dynamic binary instrumentation frame Pin, and initializing a dynamic instrumentation analysis tool; and analyzing the conditional branch instruction of the application program through a dynamic instrumentation analysis tool, generating a control flow graph and control dependence information data, and finishing the marking and the propagation of the taint information flow.
Preferably, in S5, the association analysis and heuristic search includes verifying the threat problem from multiple dimensions of the authoring style, the framework structure, the module resources, and the homologous code.
Preferably, in S8, the method further includes the steps of:
and comparing the vulnerability response characteristics and the normal response characteristics in the deep learning model with the response characteristics corresponding to the related information to obtain a vulnerability identification result.
Preferably, an integrated test platform is designed based on the deep learning model, and the integrated test platform is used for verifying the feasibility and the effectiveness of the deep learning model.
The technical scheme of the invention has the following beneficial technical effects:
firstly, acquiring vulnerability information, arranging the vulnerability information, and generating a vulnerability database based on the vulnerability information; then, a deep learning method is introduced to generate a deep learning model; then acquiring application program information, determining an application program to be detected, and setting test parameters by taking an object to be detected as a target to obtain a test object; then sending a test request aiming at the test object to the application program to obtain a response result of the application program to the test parameters, and testing according to the response result; then determining the data type of the source code, performing correlation analysis and heuristic search according to the data type of the source code, and finding out the threat problems of the homologous and homologous files from the vulnerability database; then receiving a test result and source code analysis information sent by an application program, and performing static analysis and learning on the static characteristics of the codes through a machine learning method based on the corresponding result; then, the analysis result of the static analysis is corrected through the dynamic analysis, and the static characteristics obtained by the code analysis and the dynamic characteristics obtained by the dynamic execution are synthesized; then, relevant information is sent to a deep learning model for recognition, automatic selection of vulnerability characteristics is carried out by using the deep learning model, and deep learning and grammatical semantic characteristics are combined for vulnerability mining; judging whether a vulnerability exists according to the mining result; the vulnerability database stores the identified vulnerabilities in a classified manner, and the vulnerability database is continuously analyzed based on a deep learning method so as to continuously perfect a deep learning model;
the method automatically excavates the bugs in the software and the application program based on deep learning, has high excavation efficiency and good excavation effect, solves the problems of high missing report rate of static analysis and low code coverage rate of dynamic analysis, obviously improves the performance in the aspect of bug excavation and has excellent use effect.
Drawings
Fig. 1 is a flowchart of an automated vulnerability mining method based on deep learning according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings in conjunction with the following detailed description. It should be understood that the description is intended to be exemplary only, and is not intended to limit the scope of the present invention. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present invention.
As shown in fig. 1, the automatic vulnerability mining method based on deep learning provided by the present invention includes the following steps:
s1, acquiring vulnerability information, sorting the vulnerability information, and generating a vulnerability database based on the vulnerability information, wherein the vulnerability database comprises a general vulnerability CVE number, a general vulnerability scoring system CVSS score and a vulnerability description field;
s2, introducing a deep learning method, and analyzing the vulnerability database based on the deep learning method to generate a deep learning model;
s3, acquiring application program information, determining an application program to be detected, and then determining an object to be detected included in the application program; setting test parameters by taking an object to be detected as a target to obtain a test object;
s4, sending a test request aiming at the test object to the application program, wherein the test request is used for indicating the application program to run the test object based on the test parameters, obtaining the response result of the application program to the test parameters, and testing according to the response result;
s5, identifying the source code data of the test object through the automatic code mode, determining the source code data type according to the identification result, performing correlation analysis and heuristic search according to the source code data type, and finding out the threat problems of the same source and the same parcel from the vulnerability database;
s6, receiving the test result and the source code analysis information sent by the application program, and performing static analysis and learning on the static characteristics of the code through a machine learning method based on the corresponding result; wherein the static features include lexical, grammatical, control flow and data flow of the code;
s7, correcting the analysis result of the static analysis through the dynamic analysis, and integrating the static characteristics obtained by the code analysis and the dynamic characteristics obtained by the dynamic execution to solve the problems of high missing report rate of the static analysis and low code coverage rate of the dynamic analysis;
s8, sending related information to the deep learning model for recognition, automatically selecting vulnerability characteristics by using the deep learning model, and combining deep learning and grammar semantic characteristics for vulnerability mining;
s9, judging whether a vulnerability exists according to the mining result, and if the vulnerability exists, determining the vulnerability included in the vulnerability mining result as the vulnerability of the application program;
and S10, the vulnerability database stores the identified vulnerabilities in a classified manner, and the vulnerability database is continuously analyzed based on a deep learning method so as to continuously improve a deep learning model.
In an alternative embodiment, in S1, the vulnerability information is derived from the national vulnerability database, that is, the vulnerability database itself is constructed by using the national vulnerability database NVD as a data source; the vulnerability database also comprises the acquisition easiness, confidentiality influence, whether authentication is needed or not, integrity influence, a precondition privilege set, availability influence, a result privilege set and whether a network is needed or not; the vulnerability description field refers to a natural language for describing vulnerability characteristics.
In an optional embodiment, in S2, the method further includes constructing an adaptive vulnerability mining operation environment based on existing static and dynamic vulnerability mining methods.
In an alternative embodiment, in S3, the process of determining the object to be detected included in the application program is specifically as follows: acquiring a target URL of an application program to be detected and crawling the target URL to obtain a crawling response result; and acquiring the object to be detected included in the application program based on the target URL and the crawling response result.
In an alternative embodiment, in S4, the test procedure is as follows: establishing a configuration file for the application program, wherein the configuration file comprises a taint analysis strategy; starting the application program through a dynamic binary instrumentation frame Pin, and initializing a dynamic instrumentation analysis tool; and analyzing the conditional branch instruction of the application program through a dynamic instrumentation analysis tool, generating a control flow graph and control dependence information data, and finishing the marking and the propagation of the taint information flow.
In an alternative embodiment, in S5, the association analysis and heuristic search includes verifying threat issues from multiple dimensions of the authoring style, the framework structure, the module resources, and the homologous code.
In an optional embodiment, in S8, the method further includes the following steps: and comparing the vulnerability response characteristics and the normal response characteristics in the deep learning model with the response characteristics corresponding to the related information to obtain a vulnerability identification result.
In an alternative embodiment, it is also desirable to design an integrated test platform based on the deep learning model, and the integrated test platform is used to verify the feasibility and effectiveness of the deep learning model.
When the method is used, firstly, vulnerability information is obtained and is sorted, and a vulnerability database is generated based on the vulnerability information; then, introducing a deep learning method, and analyzing the vulnerability database based on the deep learning method to generate a deep learning model; then acquiring application program information and defining an application program to be detected, and then determining an object to be detected included in the application program; setting test parameters by taking an object to be detected as a target to obtain a test object; then sending a test request aiming at the test object to the application program, wherein the test request is used for indicating the application program to operate the test object based on the test parameters, obtaining the response result of the application program to the test parameters, and testing according to the response result; then, identifying source code data of the test object through an automatic code mode, determining the type of the source code data according to an identification result, performing correlation analysis and heuristic search according to the type of the source code data, and finding out the threat problems of the same source and the same parcel from a vulnerability database; then receiving a test result and source code analysis information sent by an application program, and performing static analysis and learning on the static characteristics of the codes through a machine learning method based on the corresponding result; wherein the static features include lexical, grammatical, control flow and data flow of the code; then, the analysis result of the static analysis is corrected through the dynamic analysis, and the static characteristics obtained by the code analysis and the dynamic characteristics obtained by the dynamic execution are integrated to solve the problems of high missing report rate of the static analysis and low code coverage rate of the dynamic analysis; then, relevant information is sent to a deep learning model for recognition, automatic selection of vulnerability characteristics is carried out by using the deep learning model, and deep learning and grammatical semantic characteristics are combined for vulnerability mining; judging whether a vulnerability exists according to the mining result, and if the vulnerability mining result is that the vulnerability exists, determining the vulnerability included in the vulnerability mining result as the vulnerability of the application program; the vulnerability database stores the identified vulnerabilities in a classified manner, and the vulnerability database is continuously analyzed based on a deep learning method so as to continuously perfect a deep learning model;
the method automatically excavates the bugs in the software and the application program based on deep learning, has high excavation efficiency and good excavation effect, solves the problems of high missing report rate of static analysis and low code coverage rate of dynamic analysis, obviously improves the performance in the aspect of bug excavation and has excellent use effect.
It is to be understood that the above-described embodiments of the present invention are merely illustrative of or explaining the principles of the invention and are not to be construed as limiting the invention. Therefore, any modification, equivalent replacement, improvement and the like made without departing from the spirit and scope of the present invention should be included in the protection scope of the present invention. Further, it is intended that the appended claims cover all such variations and modifications as fall within the scope and boundaries of the appended claims or the equivalents of such scope and boundaries.
Claims (10)
1. An automatic vulnerability mining method based on deep learning is characterized by comprising the following steps:
s1, acquiring vulnerability information, sorting the vulnerability information, and generating a vulnerability database based on the vulnerability information, wherein the vulnerability database comprises a general vulnerability CVE number, a general vulnerability scoring system CVSS score and a vulnerability description field;
s2, introducing a deep learning method, and analyzing the vulnerability database based on the deep learning method to generate a deep learning model;
s3, acquiring application program information, determining an application program to be detected, and then determining an object to be detected included in the application program; setting test parameters by taking an object to be detected as a target to obtain a test object;
s4, sending a test request aiming at the test object to the application program, wherein the test request is used for indicating the application program to run the test object based on the test parameters, obtaining the response result of the application program to the test parameters, and testing according to the response result;
s5, identifying the source code data of the test object through the automatic code mode, determining the source code data type according to the identification result, performing correlation analysis and heuristic search according to the source code data type, and finding out the threat problems of the same source and the same parcel from the vulnerability database;
s6, receiving the test result and the source code analysis information sent by the application program, and performing static analysis and learning on the static characteristics of the code through a machine learning method based on the corresponding result; wherein the static features include lexical, grammatical, control flow and data flow of the code;
s7, correcting the analysis result of the static analysis through the dynamic analysis, and integrating the static characteristics obtained by the code analysis and the dynamic characteristics obtained by the dynamic execution to solve the problems of high missing report rate of the static analysis and low code coverage rate of the dynamic analysis;
s8, sending related information to the deep learning model for recognition, automatically selecting vulnerability characteristics by using the deep learning model, and combining deep learning and grammar semantic characteristics for vulnerability mining;
s9, judging whether a vulnerability exists according to the mining result, and if the vulnerability exists, determining the vulnerability included in the vulnerability mining result as the vulnerability of the application program;
and S10, the vulnerability database stores the identified vulnerabilities in a classified manner, and the vulnerability database is continuously analyzed based on a deep learning method so as to continuously improve a deep learning model.
2. The method for automated vulnerability discovery based on deep learning of claim 1, wherein in S1, vulnerability information is derived from National Vulnerability Database (NVD), i.e. its own vulnerability database is constructed by using NVD as a data source.
3. The automated vulnerability mining method based on deep learning of claim 1, wherein in S1, the vulnerability database further comprises the obtaining ease, confidentiality influence, whether authentication is required, integrity influence, precondition privilege set, availability influence, result privilege set, whether network is required.
4. The automatic vulnerability mining method based on deep learning of claim 1, wherein in S1, the vulnerability description field refers to natural language for describing vulnerability characteristics.
5. The automated vulnerability mining method based on deep learning of claim 1, wherein in S2, further comprising constructing an adaptive vulnerability mining operation environment based on existing static and dynamic vulnerability mining methods.
6. The method for automatic vulnerability discovery based on deep learning of claim 1, wherein in S3, the process of determining the object to be detected included in the application program is specifically as follows:
acquiring a target URL of an application program to be detected and crawling the target URL to obtain a crawling response result; and acquiring the object to be detected included in the application program based on the target URL and the crawling response result.
7. The automatic vulnerability mining method based on deep learning of claim 1, wherein in S4, the testing process is specifically as follows:
establishing a configuration file for the application program, wherein the configuration file comprises a taint analysis strategy; starting the application program through a dynamic binary instrumentation frame Pin, and initializing a dynamic instrumentation analysis tool; and analyzing the conditional branch instruction of the application program through a dynamic instrumentation analysis tool, generating a control flow graph and control dependence information data, and finishing the marking and the propagation of the taint information flow.
8. The automated vulnerability mining method based on deep learning of claim 1, wherein in S5, the association analysis and heuristic search comprises multiple dimension verification threat problem from writing style, framework structure, module resource and homologous code.
9. The automatic vulnerability mining method based on deep learning of claim 1, wherein in S8, further comprising the following steps:
and comparing the vulnerability response characteristics and the normal response characteristics in the deep learning model with the response characteristics corresponding to the related information to obtain a vulnerability identification result.
10. The automatic vulnerability mining method based on deep learning of claim 1, characterized in that an integrated test platform is further required to be designed based on the deep learning model, and the integrated test platform is used for verifying feasibility and effectiveness of the deep learning model.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011256543.1A CN112257077A (en) | 2020-11-11 | 2020-11-11 | Automatic vulnerability mining method based on deep learning |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011256543.1A CN112257077A (en) | 2020-11-11 | 2020-11-11 | Automatic vulnerability mining method based on deep learning |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112257077A true CN112257077A (en) | 2021-01-22 |
Family
ID=74265422
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011256543.1A Pending CN112257077A (en) | 2020-11-11 | 2020-11-11 | Automatic vulnerability mining method based on deep learning |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112257077A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114996715A (en) * | 2022-06-14 | 2022-09-02 | 上海久之润信息技术有限公司 | Game vulnerability intelligent repairing method based on deep learning |
| CN115664787A (en) * | 2022-10-24 | 2023-01-31 | 惠州市德赛西威智能交通技术研究院有限公司 | Automobile network vulnerability protection method, system, terminal equipment and medium |
| CN118445809A (en) * | 2024-05-06 | 2024-08-06 | 广州锦高信息科技有限公司 | System vulnerability restoration method and system based on big data |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106897625A (en) * | 2017-01-22 | 2017-06-27 | 北京理工大学 | The leak automatic classification method for supporting vulnerability correlation to excavate |
| CN107368417A (en) * | 2017-07-25 | 2017-11-21 | 中国人民解放军63928部队 | A kind of bug excavation technical testing model and method of testing |
| CN109002721A (en) * | 2018-07-12 | 2018-12-14 | 南方电网科学研究院有限责任公司 | Mining analysis method for information security vulnerability |
| CN110110525A (en) * | 2019-04-26 | 2019-08-09 | 北京中润国盛科技有限公司 | A kind of bug excavation method based on machine learning and deep learning |
| CN110874475A (en) * | 2018-08-30 | 2020-03-10 | 重庆小雨点小额贷款有限公司 | Vulnerability mining method, vulnerability mining platform and computer readable storage medium |
-
2020
- 2020-11-11 CN CN202011256543.1A patent/CN112257077A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106897625A (en) * | 2017-01-22 | 2017-06-27 | 北京理工大学 | The leak automatic classification method for supporting vulnerability correlation to excavate |
| CN107368417A (en) * | 2017-07-25 | 2017-11-21 | 中国人民解放军63928部队 | A kind of bug excavation technical testing model and method of testing |
| CN109002721A (en) * | 2018-07-12 | 2018-12-14 | 南方电网科学研究院有限责任公司 | Mining analysis method for information security vulnerability |
| CN110874475A (en) * | 2018-08-30 | 2020-03-10 | 重庆小雨点小额贷款有限公司 | Vulnerability mining method, vulnerability mining platform and computer readable storage medium |
| CN110110525A (en) * | 2019-04-26 | 2019-08-09 | 北京中润国盛科技有限公司 | A kind of bug excavation method based on machine learning and deep learning |
Non-Patent Citations (2)
| Title |
|---|
| 孙鸿宇等: "人工智能技术在安全漏洞领域的应用", 《通信学报》 * |
| 李韵等: "基于机器学习的软件漏洞挖掘方法综述", 《软件学报》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114996715A (en) * | 2022-06-14 | 2022-09-02 | 上海久之润信息技术有限公司 | Game vulnerability intelligent repairing method based on deep learning |
| CN115664787A (en) * | 2022-10-24 | 2023-01-31 | 惠州市德赛西威智能交通技术研究院有限公司 | Automobile network vulnerability protection method, system, terminal equipment and medium |
| CN118445809A (en) * | 2024-05-06 | 2024-08-06 | 广州锦高信息科技有限公司 | System vulnerability restoration method and system based on big data |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112134761B (en) | Electric power Internet of things terminal vulnerability detection method and system based on firmware analysis | |
| CN112257077A (en) | Automatic vulnerability mining method based on deep learning | |
| CN110443045B (en) | Fuzzy test case generation method based on machine learning method | |
| US10558805B2 (en) | Method for detecting malware within a linux platform | |
| CN101359352B (en) | API use action discovering and malice deciding method after confusion of multi-tier synergism | |
| CN114077741B (en) | Software supply chain safety detection method and device, electronic equipment and storage medium | |
| Savenko et al. | Metamorphic Viruses' Detection Technique Based on the Equivalent Functional Block Search. | |
| KR101640479B1 (en) | Software vulnerability attack behavior analysis system based on the source code | |
| CN103390130A (en) | Rogue program searching and killing method and device based on cloud security as well as server | |
| JP2014507718A (en) | Method, computer program, and system for determining vulnerability of a computer software application to an elevation of privilege attack | |
| US20210334371A1 (en) | Malicious File Detection Technology Based on Random Forest Algorithm | |
| CN113297580B (en) | Code semantic analysis-based electric power information system safety protection method and device | |
| CN112506564B (en) | Method, system and medium for establishing control flow graph | |
| CN115270131A (en) | Java anti-serialization vulnerability detection method and system | |
| CN111177731A (en) | Software source code vulnerability detection method based on artificial neural network | |
| Partenza et al. | Automatic identification of vulnerable code: Investigations with an ast-based neural network | |
| CN113468524A (en) | RASP-based machine learning model security detection method | |
| Sadeghi et al. | Mining the categorized software repositories to improve the analysis of security vulnerabilities | |
| He et al. | Firmware vulnerabilities homology detection based on clonal selection algorithm for IoT devices | |
| Kim et al. | Runtime detection framework for android malware | |
| Feichtner et al. | Obfuscation-resilient code recognition in Android apps | |
| CN111309589A (en) | Code security scanning system and method based on code dynamic analysis | |
| Ladisa et al. | On the feasibility of cross-language detection of malicious packages in npm and pypi | |
| Mohamed et al. | Malware detection techniques | |
| Ravula et al. | Learning attack features from static and dynamic analysis of malware |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220915 Address after: 361000 units 1702 and 1703, No. 59, Chengyi North Street, phase III, software park, Xiamen, Fujian Applicant after: XIAMEN USEEAR INFORMATION TECHNOLOGY Co.,Ltd. Address before: Unit 1701, 59 Chengyi North Street, phase III, software park, Xiamen City, Fujian Province, 361000 Applicant before: FUJIAN QIDIAN SPACE-TIME DIGITAL TECHNOLOGY Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210122 |
|
| RJ01 | Rejection of invention patent application after publication |