CN113742205B - Code vulnerability intelligent detection method based on man-machine cooperation - Google Patents
- Publication number
- CN113742205B
- Authority
- CN
- China
- Prior art keywords
- code
- vulnerability
- bug
- result
- review
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/20—Natural language analysis
- G06F40/253—Grammatical analysis; Style critique
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/30—Semantic analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
Abstract
An intelligent code vulnerability detection method based on man-machine cooperation. Using an existing set of code vulnerability detection tools and a collected vulnerability data set, detected vulnerabilities are marked as true positives or false positives, features are extracted from their control flow graphs and abstract syntax trees, and a code vulnerability false-positive detection model is constructed. Vulnerability review tasks are then generated from the results of program slicing of the vulnerable code. Next, a sampling strategy selects part of the vulnerability review tasks, which are randomly distributed to crowdsourced security review experts. Finally, the results of the false-positive detection model and of the crowdsourced security review experts are combined and analyzed, and continuously fed back to the code vulnerability detection model so that code vulnerabilities are identified effectively.
Description
Technical Field
The invention belongs to the field of software engineering, in particular the application of security within software engineering, and is used for identifying false-positive code vulnerabilities and locating code vulnerabilities.
Background
With the rapid development of security detection technology, static detection of code vulnerabilities has also made tremendous progress. Static detection methods find it difficult to decide the reachability of an abstract path within a limited time, so existing code vulnerability detection methods have a high false-positive rate. False-positive vulnerabilities reduce the efficiency with which developers audit or repair code vulnerabilities and increase the labor and material cost of detection, so how to effectively reduce false positives has become a concern in the field of code vulnerability security detection.
Most existing code vulnerability detection methods are based on static analysis, though their principles differ. By the features they use, these detection models can be broadly divided into four classes. The first class is text-based detection models: vulnerable code is treated as text, feature vectors are produced with natural language processing techniques such as word embedding, and a machine learning model then distinguishes false-positive from true-positive code vulnerabilities. The second class is syntax-feature-based detection models, which identify false-positive vulnerabilities by extracting information such as the abstract syntax trees of true-positive and false-positive code vulnerabilities. The third class is semantic-feature-based detection models, which represent a true-positive or false-positive code vulnerability by extracting features such as the program dependency graph, the control flow graph and the data flow graph. The fourth class is mixed-feature detection models, which select and combine features from the three classes above to compensate for the fact that a single feature cannot fully identify code vulnerabilities. However, because static analysis detects code vulnerabilities mainly on the principle of over-approximation, these methods have a high false-positive rate.
Researchers have proposed different solutions for reducing false-positive code vulnerabilities. At present there are two approaches to identifying false-positive vulnerabilities. The first is to improve the accuracy of the static-analysis-based detection method itself; however, because of inherent flaws in static analysis, these methods still cannot identify false-positive code vulnerabilities accurately and effectively. The second is to apply secondary filtering to the vulnerabilities reported by a static-analysis-based detection model, thereby reducing the false positives of the detection tool. Its main principle is to use the code vulnerability detection model to mark code vulnerabilities as true positives or false positives, and on that basis to build a new model that filters the results a second time, lowering the false-positive rate of the existing detection model. Although this reduces the false-positive rate to some extent, existing false-positive detection models still fall short in recognizing false-positive vulnerabilities because they lack domain knowledge. Further research into code vulnerability detection models is therefore necessary.
Disclosure of Invention
The problem to be solved by the invention is: to provide an intelligent code vulnerability detection method based on man-machine cooperation that addresses the poor performance of existing code vulnerability false-positive detection models.
The technical scheme of the invention is a code vulnerability intelligent detection method based on man-machine cooperation, comprising the following steps:
1) Construct a code vulnerability false-positive detection model from the code vulnerability data set, mainly as follows:
1.1) Collect a code vulnerability data set with vulnerability marks and run an existing set of code vulnerability detection tools on the source code in the data set; the detection result of a code vulnerability detection tool mainly includes information such as the vulnerability mark, vulnerability type, vulnerability threat level and the code line that produces the vulnerability;
1.2) For each code vulnerability detected in step 1.1): if the vulnerability exists in the code vulnerability data set and is consistent with the vulnerability mark given by the detection tool set, mark it as a true-positive vulnerability; if the vulnerability does not exist in the code vulnerability data set but the detection tool set reports it, mark it as a false-positive vulnerability;
1.3) For the code lines that produce vulnerabilities in step 1.1), use program slicing to obtain the code fragments in which the code vulnerabilities arise, and from them obtain function-level and statement-level vulnerability localization results;
1.4) According to the function-level localization results of step 1.3), extract the control flow graphs and abstract syntax trees of the true-positive and false-positive vulnerabilities, which represent their semantic and syntactic features respectively;
1.5) Based on the results of step 1.4), compute the feature vector of each code vulnerability's control flow graph with the Weisfeiler-Lehman graph kernel; for each code vulnerability's abstract syntax tree, replace the variables in the tree with their variable types (<int>, <float>, <char>, <string>) and compute a feature vector with word2vec; then concatenate the feature vectors of each code vulnerability to represent that vulnerability;
1.6) Train a machine learning model on the feature vectors obtained in step 1.5) to construct the code vulnerability false-positive detection model, which then performs secondary filtering of the code vulnerability marks.
2) Combine the results of the false-positive detection model of step 1) with the program slicing results of step 1.3) to generate code vulnerability review tasks; each review task mainly comprises a vulnerability identifier and statement-level vulnerability localization.
3) From the perspective of multiple vulnerability attributes, use different sampling strategies to extract part of the code vulnerability review tasks of step 2) and distribute them to crowdsourced security experts for review; based on the vulnerability localization result, the experts are required to review the vulnerability mark (true positive or false positive), vulnerability type, vulnerability threat level and vulnerability-related description (cause of the vulnerability, consequence of the vulnerability, and so on);
4) For each code vulnerability, analyze the differences between the code vulnerability detection result of step 1) and the crowdsourced security experts' review result of step 3), and improve the code vulnerability false-positive detection model through continuous feedback, mainly as follows:
4.1) If the code vulnerability detection result and the crowdsourced security expert review result agree on the vulnerability attributes, return the vulnerability to the code vulnerability data set, thereby expanding the existing data set;
4.2) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability mark, re-mark the code vulnerability as true positive or false positive and return it to the false-positive detection model for iterative training;
4.3) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability type, perform abstract extraction on the vulnerability-related description to form a code vulnerability type rule;
4.4) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability threat level, calculate the similarity between the code vulnerability detection result and the tasks that were not reviewed in step 3); if the similarity reaches a set threshold, update the vulnerability threat level of the unreviewed task in real time.
The invention is characterized in that: 1. based on existing code vulnerability detection tools, a code vulnerability false-positive detection model is constructed and applies secondary filtering to the code vulnerabilities; 2. vulnerability review tasks are generated using program slicing and a sampling strategy and distributed to crowdsourced security experts for review; 3. the results of the false-positive detection model and of the crowdsourced security experts are combined, and code vulnerability detection is further improved through a continuous feedback mechanism.
The beneficial effects of the invention are as follows: the method combines the machine's and the human's results on code vulnerability detection, improves existing code vulnerability detection methods on the principle of man-machine cooperation, and raises the accuracy and reliability of code vulnerability detection.
Drawings
Fig. 1 is an overall flowchart.
FIG. 2 shows the result of slicing the program according to the embodiment of the present invention.
Fig. 3 is a control flow diagram of the code.
Detailed Description
The key technologies involved in the present invention are the WALA tool, the JavaParser tool, the word2vec model and the Weisfeiler-Lehman graph kernel.
1. WALA tool
WALA is a tool for program slicing, a program analysis technique for decomposing programs. Given a located code line in a program, the WALA tool can locate only the statements or predicates related to that line according to the program dependency graph or the data flow graph; the WALA tool can also extract the control flow graph of a program.
2. JavaParser tool
JavaParser is an abstract syntax tree extractor for Java programs. An abstract syntax tree is built by dividing Java code and organizing it into a tree structure according to the syntax rules; JavaParser finally generates a ".dot" or ".json" file that stores the abstract syntax tree.
3. Word2vec model
Word2vec is a shallow, two-layer neural network used to generate word vectors. It is trained to reconstruct the linguistic context of words, and after training is completed the word2vec model can be used to map each word to a vector. In the invention, the identifier representation of each function is used as the input of the word2vec model, and the output is a vector corresponding to each identifier.
4. Weisfeiler-Lehman graph kernel
The Weisfeiler-Lehman graph kernel is a graph embedding technique that embeds graphs by counting pairs of isomorphic subtree structures. It retains rich graph structure information and can be computed in polynomial time, which greatly reduces the time complexity compared with an exact graph matching algorithm.
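The relabel-and-count procedure behind the Weisfeiler-Lehman graph kernel, as an added example (not code from the patent): it applies direction-aware relabeling to a small control flow graph and hashes the label counts into a 64-dimensional vector, the dimension the embodiment uses for control flow graph features. The sample graphs, the statement-kind node labels, the SHA-1 label compression and the feature hashing are assumptions of this example.

```python
import hashlib
from collections import Counter


def _digest(text):
    # Stable across runs, unlike the built-in hash(), which is salted per process.
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


def wl_label_counts(succ, labels, iterations=2):
    """Count Weisfeiler-Lehman subtree labels of a directed graph.

    succ   : dict node -> list of successor nodes (control flow edges)
    labels : dict node -> initial label (assumed here: the statement kind)
    """
    pred = {n: [] for n in labels}
    for src, dsts in succ.items():
        for dst in dsts:
            pred[dst].append(src)

    current = {n: _digest(lbl) for n, lbl in labels.items()}
    counts = Counter(current.values())
    for _ in range(iterations):
        nxt = {}
        for n in labels:
            # Sorting makes the signature independent of node names and edge order.
            ins = sorted(current[p] for p in pred[n])
            outs = sorted(current[s] for s in succ.get(n, []))
            nxt[n] = _digest(current[n] + "|in:" + ",".join(ins) + "|out:" + ",".join(outs))
        current = nxt
        counts.update(current.values())
    return counts


def wl_vector(succ, labels, iterations=2, dim=64):
    """Hash the label counts into a fixed-size vector (feature hashing)."""
    vec = [0] * dim
    for label, count in wl_label_counts(succ, labels, iterations).items():
        vec[int(label, 16) % dim] += count
    return vec


def wl_kernel(a, b):
    """Kernel value of two graphs: dot product of their count vectors."""
    return sum(x * y for x, y in zip(a, b))


# Constructed sample CFGs: an array write without and with a bounds check.
UNGUARDED_LABELS = {"n0": "entry", "n1": "assign", "n2": "array_write", "n3": "return"}
UNGUARDED_SUCC = {"n0": ["n1"], "n1": ["n2"], "n2": ["n3"], "n3": []}

# Same graph as UNGUARDED with different node names and insertion order.
RENAMED_LABELS = {"d": "return", "c": "array_write", "a": "entry", "b": "assign"}
RENAMED_SUCC = {"c": ["d"], "a": ["b"], "b": ["c"], "d": []}

GUARDED_LABELS = {"n0": "entry", "n1": "assign", "n2": "if",
                  "n3": "array_write", "n4": "return"}
GUARDED_SUCC = {"n0": ["n1"], "n1": ["n2"], "n2": ["n3", "n4"], "n3": ["n4"], "n4": []}

if __name__ == "__main__":
    u = wl_vector(UNGUARDED_SUCC, UNGUARDED_LABELS)
    g = wl_vector(GUARDED_SUCC, GUARDED_LABELS)
    print("same graph, renamed nodes:", u == wl_vector(RENAMED_SUCC, RENAMED_LABELS))
    print("k(unguarded, unguarded) =", wl_kernel(u, u))
    print("k(unguarded, guarded)   =", wl_kernel(u, g))
```

Hashing into 64 buckets can merge unrelated labels, so the kernel value on the hashed vectors is an approximation of the one computed on `wl_label_counts` directly.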
The overall flow of the invention is shown in Fig. 1, and the specific implementation steps are as follows:
1) Collect the Juliet vulnerability data set and run a set of 3 existing code vulnerability detection tools (SpotBugs, SourceMeter and FindBugs) on it; the tools' detection report is shown in Fig. 2;
2) Slice the code with the WALA tool; Fig. 3 shows the results of program slicing at the function level and the statement level;
3) Extract the function-level control flow graph and abstract syntax tree with the WALA tool and the JavaParser tool respectively, and use them as input to the Weisfeiler-Lehman graph kernel and the word2vec model; the feature vectors of the control flow graph and of the abstract syntax tree are each set to 64 dimensions, and the two are then combined into a 128-dimensional feature vector that represents the features of each code vulnerability; finally, train a common machine learning model to construct the code vulnerability false-positive detection model;
4) Combine the statement-level program slicing results with a sampling strategy to generate and select code vulnerability review tasks, and randomly distribute the selected tasks to crowdsourced security experts;
5) Compare and analyze the results of the false-positive detection model and the crowdsourced security experts' review results, and continuously feed them back to the code vulnerability detection model, as follows:
5.1) If the code vulnerability detection result and the crowdsourced security expert review result agree on the vulnerability attributes, return the vulnerability to the code vulnerability data set, thereby expanding the existing data set; when 100 vulnerability records have been added to the original data set, retraining of the code vulnerability model is triggered;
5.2) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability mark, re-mark the code vulnerability as true positive or false positive; when the re-marked code vulnerabilities reach 100, return them to the false-positive detection model for iterative training;
5.3) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability type, perform abstract extraction on the vulnerability-related description to form corresponding code vulnerability type rules, which assist the crowdsourced security experts' review;
5.4) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability threat level, calculate the similarity between the code vulnerability detection result and the tasks that were not reviewed in step 3); if the similarity reaches 0.95, update the vulnerability threat level of the unreviewed task in real time.
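Branches 5.1 to 5.4 above as a routing function, an added example rather than code from the patent; the batch size of 100 and the 0.95 threshold are the embodiment's values. The class and field names, cosine similarity as the similarity measure, the counter reset after each retraining trigger and the treatment of the branches as independent are assumptions, and storing the expert's description as a type rule stands in for the abstract extraction step, which the patent does not detail.

```python
import math
from dataclasses import dataclass

RETRAIN_BATCH = 100          # embodiment: retrain per 100 added or re-marked items
SIMILARITY_THRESHOLD = 0.95  # embodiment: threshold for propagating a threat level


@dataclass
class Finding:
    vuln_id: str
    mark: str            # "TP" (true positive) or "FP" (false positive)
    vuln_type: str
    threat_level: str
    vector: tuple = ()   # feature vector of the finding (hypothetical field)


@dataclass
class Review:
    mark: str
    vuln_type: str
    threat_level: str
    description: str = ""


def cosine(a, b):
    # Assumed similarity measure; the patent only says "similarity".
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0


class FeedbackLoop:
    def __init__(self, unreviewed):
        self.unreviewed = list(unreviewed)  # findings not sampled for review
        self.dataset = []         # 5.1: confirmed findings added to the data set
        self.relabeled = []       # 5.2: findings whose TP/FP mark was corrected
        self.type_rules = []      # 5.3: (tool type, expert type, description)
        self.retrain_events = []  # which queue triggered each retraining
        self._pending = {"dataset": 0, "relabel": 0}

    def _count(self, kind):
        self._pending[kind] += 1
        if self._pending[kind] == RETRAIN_BATCH:
            self.retrain_events.append(kind)
            self._pending[kind] = 0  # assumption: the counter restarts per batch

    def apply(self, finding, review):
        """Route one reviewed finding; return the list of branches taken."""
        if (finding.mark, finding.vuln_type, finding.threat_level) == (
                review.mark, review.vuln_type, review.threat_level):
            self.dataset.append(finding)
            self._count("dataset")
            return ["5.1"]
        taken = []
        if finding.mark != review.mark:
            finding.mark = review.mark
            self.relabeled.append(finding)
            self._count("relabel")
            taken.append("5.2")
        if finding.vuln_type != review.vuln_type:
            self.type_rules.append(
                (finding.vuln_type, review.vuln_type, review.description))
            taken.append("5.3")
        if finding.threat_level != review.threat_level:
            for other in self.unreviewed:
                if cosine(finding.vector, other.vector) >= SIMILARITY_THRESHOLD:
                    other.threat_level = review.threat_level
            taken.append("5.4")
        return taken


if __name__ == "__main__":
    # Constructed sample data: two unreviewed tasks and one reviewed finding.
    near = Finding("u1", "TP", "null-deref", "low", (1.0, 0.1))
    far = Finding("u2", "TP", "null-deref", "low", (0.0, 1.0))
    loop = FeedbackLoop([near, far])
    reviewed = Finding("f1", "TP", "null-deref", "low", (1.0, 0.0))
    print(loop.apply(reviewed, Review("TP", "null-deref", "high")))
    print(near.threat_level, far.threat_level)
```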
Claims (1)
1. A code vulnerability intelligent detection method based on man-machine cooperation, characterized by comprising the following steps:
1) Construct a code vulnerability false-positive detection model from the code vulnerability data set, comprising the following steps:
1.1) Collect a code vulnerability data set with vulnerability marks and run an existing set of code vulnerability detection tools on the source code in the data set, wherein the detection result of a code vulnerability detection tool comprises the vulnerability mark, vulnerability type, vulnerability threat level and information on the code line that produces the vulnerability;
1.2) For each code vulnerability detected in step 1.1): if the vulnerability exists in the code vulnerability data set and is consistent with the vulnerability mark given by the detection tool set, mark it as a true-positive vulnerability; if the vulnerability does not exist in the code vulnerability data set but the detection tool set reports it, mark it as a false-positive vulnerability;
1.3) For the code lines that produce vulnerabilities in step 1.1), use program slicing to obtain the code fragments in which the code vulnerabilities arise, and from them obtain function-level and statement-level vulnerability localization results;
1.4) According to the function-level localization results of step 1.3), extract the control flow graphs and abstract syntax trees of the true-positive and false-positive vulnerabilities, which represent their semantic and syntactic features respectively;
1.5) Based on the results of step 1.4), compute the feature vector of each code vulnerability's control flow graph with the Weisfeiler-Lehman graph kernel; for each code vulnerability's abstract syntax tree, replace the variables in the tree with their variable types (<int>, <float>, <char>, <string>) and compute a feature vector with word2vec; then concatenate the feature vectors of each code vulnerability to represent the features of that vulnerability;
1.6) Train a machine learning model on the feature vectors obtained in step 1.5) to construct the code vulnerability false-positive detection model, which then performs secondary filtering of the code vulnerability marks;
2) Combine the results of the false-positive detection model of step 1) with the program slicing results of step 1.3) to generate code vulnerability review tasks, wherein each review task consists of a vulnerability identifier and statement-level vulnerability localization;
3) From the perspective of multiple vulnerability attributes, use different sampling strategies to extract part of the code vulnerability review tasks of step 2) and distribute them to crowdsourced security experts for review, requiring the experts to review the vulnerability mark, vulnerability type, vulnerability threat level, cause of the vulnerability and consequence of the vulnerability according to the vulnerability localization result;
4) For each code vulnerability, analyze the differences between the code vulnerability detection result of step 1) and the crowdsourced security experts' review result of step 3), and improve the code vulnerability false-positive detection model through continuous feedback, comprising the following steps:
4.1) If the code vulnerability detection result and the crowdsourced security expert review result agree on the vulnerability attributes, return the vulnerability to the code vulnerability data set, thereby expanding the existing data set;
4.2) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability mark, re-mark the code vulnerability as true positive or false positive and return it to the false-positive detection model for iterative training;
4.3) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability type, perform abstract extraction on the vulnerability-related description to form a code vulnerability type rule;
4.4) If the code vulnerability detection result and the crowdsourced security expert review result differ in the vulnerability threat level, calculate the similarity between the code vulnerability detection result and the tasks that were not reviewed in step 3); if the similarity reaches a set threshold, update the vulnerability threat level of the unreviewed task in real time.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010487203.3A CN113742205B (en) | 2020-05-27 | 2020-05-27 | Code vulnerability intelligent detection method based on man-machine cooperation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113742205A CN113742205A (en) | 2021-12-03 |
CN113742205B true CN113742205B (en) | 2024-04-23 |
Family
ID=78727947
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010487203.3A Active CN113742205B (en) | 2020-05-27 | 2020-05-27 | Code vulnerability intelligent detection method based on man-machine cooperation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113742205B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115455438B (en) * | 2022-11-09 | 2023-02-07 | 南昌航空大学 | Program slicing vulnerability detection method, system, computer and storage medium |
CN115563627B (en) * | 2022-12-06 | 2023-03-14 | 中国电子科技集团公司第三十研究所 | Binary program vulnerability static analysis method based on man-machine cooperation |
CN117077153B (en) * | 2023-10-18 | 2024-01-26 | 深圳海云安网络安全技术有限公司 | Static application security detection false alarm discrimination method based on large-scale language model |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102110051A (en) * | 2010-12-31 | 2011-06-29 | 北京邮电大学 | Static defect detection method of application program slicing technology |
CN107885999A (en) * | 2017-11-08 | 2018-04-06 | 华中科技大学 | A kind of leak detection method and system based on deep learning |
CN108268777A (en) * | 2018-01-18 | 2018-07-10 | 中国人民大学 | A kind of similarity detection method that unknown loophole discovery is carried out using patch information |
CN109657473A (en) * | 2018-11-12 | 2019-04-19 | 华中科技大学 | A kind of fine granularity leak detection method based on depth characteristic |
CN110011986A (en) * | 2019-03-20 | 2019-07-12 | 中山大学 | A kind of source code leak detection method based on deep learning |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150234730A1 (en) * | 2014-02-18 | 2015-08-20 | Zerodee, Inc. | Systems and methods for performing software debugging |
US11138317B2 (en) * | 2017-07-14 | 2021-10-05 | Accenture Global Solutions Limited | System and method for locating and correcting vulnerabilities in a target computer system |
Also Published As
Publication number | Publication date |
---|---|
CN113742205A (en) | 2021-12-03 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||