CN115865409A - Code risk detection method, device, equipment and medium - Google Patents

Info

Publication number
CN115865409A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211351434.7A
Other languages
Chinese (zh)
Inventor
徐洪元
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Agricultural Bank of China
Original Assignee
Agricultural Bank of China

Landscapes

  • Debugging And Monitoring (AREA)

Abstract

The embodiment of the application discloses a code risk detection method, a device, equipment and a medium. Wherein, the method comprises the following steps: analyzing the codes to be detected based on the vulnerability feature library and the grammatical feature library, and determining the risk value of each vulnerability in the codes to be detected; determining a total risk value of the code to be detected according to the risk value of each vulnerability in the code to be detected; and determining the target risk level of the code to be detected according to the total risk value and a preset risk threshold value. According to the technical scheme, the missing rate of code risk detection can be reduced, the calculation complexity of code risk detection is reduced, and the accuracy of code risk detection is improved.

Description

Code risk detection method, device, equipment and medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to a code risk detection method, apparatus, device, and medium.
Background
Code risk detection refers to performing security analysis on code in order to discover security defects in the code or violations of code security specifications. When designing a financial application system that serves a large number of highly concurrent users, code defects caused by non-compliance with development specifications or by insufficient developer skill can lead directly to financial loss, and even to service paralysis or a service avalanche, which makes code risk detection particularly important.
Existing code risk detection mainly falls into two types: tool auditing and manual mining. Tool auditing generally uses a static code analysis tool, which is mostly based on regular expressions and produces false positives and false negatives to varying degrees. Manual auditing is also an important mode of code risk detection, but it consumes a large amount of auditor time, and its reliability depends mainly on the skill level of the auditors.
Disclosure of Invention
The application provides a code risk detection method, apparatus, device and medium, which can reduce the miss rate of code risk detection, reduce the computational complexity of code risk detection and improve the accuracy of code risk detection.
According to an aspect of the present application, there is provided a code risk detection method, the method including:
determining a frame rate of a video to be played and a refresh rate of a display device, and determining a ratio of the refresh rate to the frame rate;
determining the target number of sub-image frames obtained by splitting the current image frame according to the ratio and the detection result of the current image frame in the video to be played; wherein the number of targets of the sub-image frames is at least two;
splitting the current image frame into a target number of sub-image frames to display the target number of sub-image frames on the display device.
According to another aspect of the present application, there is provided a code risk detection apparatus including:
the ratio determining module is used for determining the frame rate of a video to be played and the refresh rate of the display equipment, and determining the ratio of the refresh rate to the frame rate;
the target number determining module is used for determining the target number of the sub-image frames obtained by splitting the current image frame according to the ratio and the detection result of the current image frame in the video to be played; wherein the number of targets of the sub-image frames is at least two;
the splitting module is used for splitting the current image frame into a target number of sub-image frames so as to display the target number of sub-image frames on the display equipment.
According to another aspect of the present application, there is provided a code risk detection apparatus, the apparatus including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform the code risk detection method of any of the embodiments of the present application.
According to another aspect of the present application, there is provided a computer-readable storage medium storing computer instructions for causing a processor to implement the code risk detection method according to any one of the embodiments of the present application when the computer instructions are executed.
According to the technical scheme of the embodiment of the application, the codes to be detected are analyzed based on the vulnerability feature library and the grammatical feature library, and the risk value of each vulnerability in the codes to be detected is determined; determining a total risk value of the code to be detected according to the risk value of each vulnerability in the code to be detected; and determining the target risk level of the code to be detected according to the total risk value and a preset risk threshold value. According to the technical scheme, the missing rate of code risk detection can be reduced, the calculation complexity of code risk detection is reduced, and the accuracy of code risk detection is improved.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present application, nor do they limit the scope of the present application. Other features of the present application will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a code risk detection method according to an embodiment of the present application;
fig. 2 is a flowchart of a code risk detection method according to a second embodiment of the present application;
fig. 3 is a schematic structural diagram of a code risk detection apparatus according to a third embodiment of the present application;
fig. 4 is a schematic structural diagram of a device for implementing a code risk detection method according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," "target," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
Fig. 1 is a flowchart of a code risk detection method according to an embodiment of the present disclosure, where the present embodiment is applicable to a situation of detecting a vulnerability in a code, and the method may be executed by a code risk detection apparatus, where the code risk detection apparatus may be implemented in a form of hardware and/or software, and the code risk detection apparatus may be configured in a device with data processing capability. As shown in fig. 1, the method includes:
S110, analyzing the code to be detected based on the vulnerability feature library and the grammar feature library, and determining the risk value of each vulnerability in the code to be detected.
The vulnerability feature library can be a set of code vulnerability feature identification conditions used to identify and classify the vulnerability features present in code. The grammar feature library can be a set of code semantic risk identification conditions used to identify and classify the semantic risks present in code. For example, vulnerability features present in code may be horizontal override (horizontal privilege escalation), sensitive information leakage and the like, and semantic risks present in code may be SQL injection, abnormal code execution and the like. The risk value represents a measure of the risk posed by a vulnerability feature or semantic risk when the code runs.
In this embodiment, the code to be detected is checked against each vulnerability feature identification condition in the vulnerability feature library and against each semantic risk identification condition in the grammar feature library, so as to identify whether the vulnerability features or semantic risks exist in the code to be detected.
It should be noted that the risk value of each vulnerability may be determined according to a priority of a URL (uniform resource locator) of the code interface to be detected. The higher the priority of the URL of the code interface to be detected is, the larger the vulnerability risk value is.
S120, determining the total risk value of the code to be detected according to the risk value of each vulnerability in the code to be detected.
The total risk value of the code to be detected can be used to represent the audit result of the code to be detected. In this embodiment, the risk values of all vulnerabilities in the code to be detected can be added directly to obtain the total risk value of the code to be detected; alternatively, different weight coefficients are assigned to the risk values of different vulnerabilities, and the risk values of the vulnerabilities in the code to be detected are weighted and summed to obtain the total risk value of the code to be detected.
S130, determining the target risk level of the code to be detected according to the total risk value and a preset risk threshold value.
The preset risk threshold can be used for evaluating the total risk value of the code to be detected, and can be preset according to the priority of the URL of the code interface to be detected. For example, the determination may be made based on the importance of the transaction. The target risk level can be used for grading the total risk value of the code to be detected and determining a subsequent processing mode of the code to be detected.
The embodiment of the invention provides a code risk detection method, which comprises the steps of analyzing to-be-detected codes based on a vulnerability feature library and a grammatical feature library to determine the risk value of each vulnerability in the to-be-detected codes; determining a total risk value of the code to be detected according to the risk value of each vulnerability in the code to be detected; and determining the target risk level of the code to be detected according to the total risk value and a preset risk threshold value. According to the technical scheme, the missing rate of code risk detection can be reduced, the calculation complexity of code risk detection is reduced, and the accuracy of code risk detection is improved.
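As an added illustration (not code from the patent), the following Python sketch implements steps S110 to S130: both libraries are reduced to regular-expression identification conditions with a base risk value, the risk value is scaled by the priority of the interface URL, and the total is graded against preset thresholds. The pattern names, base risk values, priority factors, thresholds and the handler under test are all constructed for this example.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed example, not the patent's code. Each library is a set of
# identification conditions (here: regular expressions over one source line)
# paired with an assumed base risk value for the vulnerability it identifies.
VULNERABILITY_FEATURE_LIBRARY = {
    # horizontal override: a record looked up by a client-supplied id, no ownership check
    "horizontal_override": (re.compile(r"find_by_id\(\s*request\.(args|params)"), 3.0),
    # sensitive information leak: sensitive fields placed in the returned body
    "sensitive_info_leak": (re.compile(r"return\s+.*\b(id_card|card_no|password)\b"), 4.0),
}
GRAMMAR_FEATURE_LIBRARY = {
    # SQL injection: query text assembled by concatenation, %-formatting or an f-string
    "sql_injection": (re.compile(r'execute\(\s*(f"|".*"\s*%|.*\+\s*\w)'), 5.0),
    # abnormal code execution: dynamic evaluation of program text
    "code_execution": (re.compile(r"\b(eval|exec)\("), 5.0),
}

# Assumed multiplier per interface URL priority (1 = lowest, 3 = highest): the
# higher the priority of the interface, the larger each vulnerability's risk value.
URL_PRIORITY_FACTOR = {1: 1.0, 2: 1.5, 3: 2.0}


@dataclass
class Finding:
    name: str
    line_no: int
    risk_value: float


def analyze_code(code: str, url_priority: int) -> List[Finding]:
    """S110: test every identification condition of both libraries against each
    line and give the matched vulnerability a risk value scaled by URL priority."""
    factor = URL_PRIORITY_FACTOR[url_priority]
    findings: List[Finding] = []
    for line_no, line in enumerate(code.splitlines(), start=1):
        for library in (VULNERABILITY_FEATURE_LIBRARY, GRAMMAR_FEATURE_LIBRARY):
            for name, (pattern, base_value) in library.items():
                if pattern.search(line):
                    findings.append(Finding(name, line_no, base_value * factor))
    return findings


def total_risk_value(findings: List[Finding],
                     weights: Optional[Dict[str, float]] = None) -> float:
    """S120: plain sum of the risk values, or a weighted sum when per-vulnerability
    weight coefficients are supplied (names without a coefficient get weight 1)."""
    if weights is None:
        return sum(f.risk_value for f in findings)
    return sum(f.risk_value * weights.get(f.name, 1.0) for f in findings)


def risk_level(total: float, thresholds: List[Tuple[str, float]]) -> str:
    """S130: thresholds are (level, lower bound) pairs ordered from the highest
    bound downwards; the first bound the total reaches decides the level."""
    for level, lower_bound in thresholds:
        if total >= lower_bound:
            return level
    return "low"


# Constructed handler under test: an account query with three defects.
SAMPLE_CODE = '''\
def query_account(request):
    account = Account.find_by_id(request.args["account_id"])
    rows = db.execute("SELECT * FROM txn WHERE acct = '" + account.no + "'")
    return {"card_no": account.card_no, "rows": rows}
'''

# Assumed preset thresholds for a high-priority (priority 3) transaction interface.
THRESHOLDS = [("high", 20.0), ("medium", 10.0)]

if __name__ == "__main__":
    found = analyze_code(SAMPLE_CODE, url_priority=3)
    for f in found:
        print(f"line {f.line_no}: {f.name} risk {f.risk_value}")
    total = total_risk_value(found)
    print("total", total, "level", risk_level(total, THRESHOLDS))
```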
Example two
Fig. 2 is a flowchart of a code risk detection method according to a second embodiment of the present application; this embodiment builds on and refines the preceding embodiment. As shown in fig. 2, the method of this embodiment specifically includes the following steps:
S210, classifying the vulnerabilities in the request-return entity class and the field dimension of the code to be detected based on the vulnerability feature library, and determining the request-return entity class risk value and the field dimension risk value of the code to be detected.
The request-return entity class can be the return information produced when the code to be detected runs, and the vulnerabilities in the request-return entity class can be, for example, repeated requests and the returned count; the field dimension can be the sensitive information fields, and the vulnerability in the field dimension can be, for example, the number of sensitive information fields.
In this embodiment, the request-return entity class risk value of the code to be detected can be determined from the repeated requests and the returned count in the code to be detected, and the field dimension risk value of the code to be detected can be determined from the number of sensitive information fields.
Optionally, based on the vulnerability feature library, determining that the request of the code to be detected returns an entity class risk value and a field dimension risk value, including steps A1-A3:
A1, determining, based on the weight update model, the risk value of each vulnerability in the request-return entity class and in the field dimension of the code to be detected, together with the corresponding weight coefficients.
The weight update model can be used to determine the weight coefficients corresponding to the risk values of the vulnerabilities in the request-return entity class and the field dimension of the code to be detected.
A2, determining the request-return entity class risk value according to the risk value of each vulnerability in the request-return entity class and the corresponding weight coefficient.
For example, if the request-return entity class vulnerabilities found in a certain code to be detected are horizontal override and sensitive information leakage, the request-return entity class risk value can be determined by the following formula: request-return entity class risk value = (horizontal override risk value) × weight 1 + (sensitive information leakage risk value) × weight 2.
A3, determining the field dimension risk value according to the risk value of each vulnerability in the field dimension and the corresponding weight coefficient.
For example, if the field dimension vulnerabilities found in a certain code to be detected are horizontal override and sensitive information leakage, the field dimension risk value can be determined by the following formula: field dimension risk value = (horizontal override risk value) × weight 1 + (sensitive information leakage risk value) × weight 2.
S220, classifying the semantic risk of the code to be detected based on the grammatical feature library, and determining the semantic analysis risk value of the code to be detected.
The semantic analysis risk value can be a risk value obtained by structurally examining the context of the code to be detected based on the syntactic feature library, and can include semantic type examination and language specification examination.
Optionally, classifying the semantic risk of the code to be detected based on the syntactic feature library, and determining the semantic analysis risk value of the code to be detected, including steps B1-B4:
B1, performing semantic analysis on the code to be detected to generate a syntax tree.
The syntax tree can be a tree representation form of an abstract syntax structure of the code to be detected and is used for representing the syntax structure of the code to be detected, and each node in the syntax tree represents one syntax structure in the code to be detected.
In this embodiment, semantic analysis is performed on the code to be detected to obtain its structural elements and the relationships between them; the semantic analysis may include declaration checking and type checking. For example, the syntax tree may be generated by a depth-first search algorithm, or by a visitor pattern.
B2, determining the semantic risk of the code to be detected according to the syntax tree.
In this embodiment, the number of insecure function calls can be determined from the syntax tree, and the semantic risk value is determined from that number. The insecure function may be runtime.
B3, determining a weight coefficient corresponding to the semantic risk based on the weight update model.
B4, determining the semantic analysis risk value according to the semantic risk of the code to be detected and the corresponding weight coefficient.
Illustratively, if the semantic risks in a certain code to be detected are SQL injection and code execution, the semantic analysis risk value may be determined by the following formula: semantic analysis risk value = (SQL injection risk value) × weight 1+ (code execution risk value) × weight 2.
S230, determining the total risk value of the code to be detected according to the request-return entity class risk value, the field dimension risk value and the semantic analysis risk value.
In this embodiment, the request-return entity class risk value, the field dimension risk value and the semantic analysis risk value of the code to be detected can be added directly to obtain the total risk value of the code to be detected; alternatively, different weight coefficients are assigned to the request-return entity class risk value, the field dimension risk value and the semantic analysis risk value, and these risk values are weighted and summed to obtain the total risk value of the code to be detected.
Optionally, the step of determining the total risk value of the code to be detected according to the entity class risk value returned by the request, the field dimension risk value and the semantic analysis risk value includes steps C1-C2:
C1, determining, based on the weight update model, the weight coefficients corresponding to the request-return entity class risk value, the field dimension risk value and the semantic analysis risk value, respectively.
C2, determining the total risk value of the code to be detected according to the request-return entity class risk value, the field dimension risk value, the semantic analysis risk value and the corresponding weight coefficients.
For example, the total risk value may be determined by the following formula: total risk value = (request return entity class risk value) × weight a + (field dimension risk value) × weight b + (semantic analysis risk value) × weight c.
Further, the total risk value may also be determined by the following expanded formula, in which each of the three category values is itself the weighted sum of its n, m or l individual risk values: total risk value = ((request-return entity class vulnerability feature 1 risk value) × weight 1 + … + (request-return entity class vulnerability feature n risk value) × weight n) × weight a + ((field dimension vulnerability feature 1 risk value) × weight 1 + … + (field dimension vulnerability feature m risk value) × weight m) × weight b + ((semantic risk 1 risk value) × weight 1 + … + (semantic risk l risk value) × weight l) × weight c.
S240, determining the target risk level of the code to be detected according to the total risk value and a preset risk threshold value.
The embodiment of the invention provides a code risk detection method which classifies the vulnerabilities in the request-return entity class and the field dimension of the code to be detected based on the vulnerability feature library and determines the request-return entity class risk value and the field dimension risk value of the code to be detected; classifies the semantic risks of the code to be detected based on the grammatical feature library and determines the semantic analysis risk value of the code to be detected; determines the total risk value of the code to be detected according to the request-return entity class risk value, the field dimension risk value and the semantic analysis risk value; and determines the target risk level of the code to be detected according to the total risk value and a preset risk threshold value. This technical scheme refines the code risk assessment so that risk value detection covers the request-return entity class, the field dimension and the semantic risks of the code at the same time, which further improves the accuracy of code risk detection.
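The following Python example is added here to show steps A1 to C2 end to end; it is not code from the patent. The syntax tree is built with Python's own `ast` module (step B1), the semantic risk is the count of insecure calls found in that tree (step B2), and the total follows the layered formula above: each category is a weighted sum of its own risk values, and the three category values are weighted by a, b and c. The insecure-function list, base risk values, weight coefficients (standing in for what the weight update model would supply), sensitive field names and the code under test are all assumptions made for the example.

```python
import ast
from typing import Dict, List

# Constructed example, not the patent's code. Base risk values, weight
# coefficients, the insecure-function list and the sample input are assumptions.
BASE_RISK = {"horizontal_override": 3.0, "sensitive_info_leak": 4.0,
             "sql_injection": 5.0, "code_execution": 5.0}
SENSITIVE_FIELDS = {"id_card", "card_no", "phone", "password"}
# insecure callee (dotted name as written in the source) -> semantic risk type
INSECURE_CALLS = {"eval": "code_execution", "exec": "code_execution",
                  "os.system": "code_execution", "subprocess.call": "code_execution",
                  "cursor.execute": "sql_injection"}
WEIGHTS = {                                   # stands in for the weight update model's output
    "entity":   {"horizontal_override": 1.0, "sensitive_info_leak": 1.5},   # weight 1..n
    "field":    {"sensitive_info_leak": 1.0},                               # weight 1..m
    "semantic": {"sql_injection": 1.2, "code_execution": 1.0},              # weight 1..l
    "category": {"a": 0.3, "b": 0.3, "c": 0.4},                             # weight a, b, c
}


def _dotted(node: ast.AST) -> str:
    """Render a Name/Attribute chain such as os.system as a dotted string."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        return f"{_dotted(node.value)}.{node.attr}"
    return ""


def _dynamic_query(call: ast.Call) -> bool:
    """True when the first argument is assembled at run time (concatenation,
    %-formatting, f-string or str.format) rather than being a constant."""
    if not call.args:
        return False
    arg = call.args[0]
    return isinstance(arg, (ast.BinOp, ast.JoinedStr)) or (
        isinstance(arg, ast.Call) and _dotted(arg.func).endswith(".format"))


def semantic_risks(code: str) -> Dict[str, int]:
    """B1-B2: build the syntax tree, then count insecure calls per risk type."""
    counts: Dict[str, int] = {}
    for node in ast.walk(ast.parse(code)):
        if not isinstance(node, ast.Call):
            continue
        risk = INSECURE_CALLS.get(_dotted(node.func))
        if risk == "sql_injection" and not _dynamic_query(node):
            continue  # a constant query string carries no injection risk
        if risk:
            counts[risk] = counts.get(risk, 0) + 1
    return counts


def field_dimension_risks(returned_fields: List[str]) -> Dict[str, float]:
    """Field dimension: one sensitive-information-leak risk whose value grows
    with the number of sensitive fields in the returned entity."""
    n = sum(1 for f in returned_fields if f in SENSITIVE_FIELDS)
    return {"sensitive_info_leak": n * BASE_RISK["sensitive_info_leak"]} if n else {}


def weighted_sum(risks: Dict[str, float], weights: Dict[str, float]) -> float:
    """Per-category formula: sum of (risk value) x (weight coefficient); a risk
    type the model has no coefficient for defaults to weight 1."""
    return sum(value * weights.get(name, 1.0) for name, value in risks.items())


def total_risk_value(entity_risks: Dict[str, float], returned_fields: List[str],
                     code: str, weights=WEIGHTS) -> float:
    """C1-C2 with the layered formula: each category is a weighted sum of its
    own risk values, and the three category values are weighted by a, b, c."""
    entity_value = weighted_sum(entity_risks, weights["entity"])                         # A2
    field_value = weighted_sum(field_dimension_risks(returned_fields), weights["field"])  # A3
    sem = {name: n * BASE_RISK[name] for name, n in semantic_risks(code).items()}
    semantic_value = weighted_sum(sem, weights["semantic"])                              # B3-B4
    w = weights["category"]
    return entity_value * w["a"] + field_value * w["b"] + semantic_value * w["c"]


# Constructed code under test and the request-return information observed for it.
SAMPLE_CODE = '''
import os

def export_report(cursor, user, fmt):
    cursor.execute("SELECT * FROM txn WHERE user = '%s'" % user)   # dynamic query
    cursor.execute("SELECT 1")                                     # constant query
    os.system("convert report.csv report." + fmt)
    return eval(fmt)
'''
ENTITY_RISKS = {"horizontal_override": 3.0, "sensitive_info_leak": 4.0}  # from the vulnerability library
RETURNED_FIELDS = ["name", "card_no", "phone", "balance"]

if __name__ == "__main__":
    print("semantic risks:", semantic_risks(SAMPLE_CODE))
    print("total risk value:", total_risk_value(ENTITY_RISKS, RETURNED_FIELDS, SAMPLE_CODE))
```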
Optionally, the weight update model is constructed by the following steps: obtaining candidate codes, determining candidate risk values of all vulnerabilities and semantic risks in the candidate codes, weight coefficients corresponding to the candidate risk values and candidate total risk values of the candidate codes, and labeling the candidate codes to obtain labeled total risk values; and training an initial neural network model according to the marked total risk value, the candidate risk values and the weight coefficients corresponding to the candidate risk values to obtain a weight updating model.
The candidate code can be a previously detected code; the candidate risk value of each vulnerability and semantic risk in it, the weight coefficient corresponding to each candidate risk value, and its candidate total risk value can be obtained by running the risk detection on that previous code. The labeled total risk value is obtained by having a code reviewer audit and label the candidate code.
In the embodiment of the invention, the weight updating model can be obtained by training the initial neural network model for multiple times, so that each weight coefficient is more accurate, and the accuracy of the total risk value of the code to be detected is further improved.
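To make the weight update model concrete, here is an added Python example (not the patent's model) that reduces it to its simplest form: a single linear layer whose parameters are the category weight coefficients a, b and c, trained repeatedly by gradient descent so that the candidate total risk values approach the reviewer-labeled totals. The training rows, initial coefficients, learning rate, epoch count and the non-negativity clip are assumptions of the example.

```python
from typing import List, Sequence, Tuple

# Constructed training set, not data from the patent. Each row is one candidate
# code: the (request-return entity class, field dimension, semantic analysis)
# risk values produced by an earlier detection run, and the total risk value a
# code reviewer labelled for that code.
Row = Tuple[Tuple[float, float, float], float]
CANDIDATES: List[Row] = [
    ((9.0, 8.0, 16.0), 12.0),
    ((2.0, 0.0, 5.0), 3.0),
    ((12.0, 4.0, 0.0), 6.0),
    ((0.0, 12.0, 10.0), 8.0),
    ((6.0, 6.0, 6.0), 5.0),
]
# Weight coefficients (a, b, c) the earlier detection run used; they are the
# initial parameters of the model (assumed values).
INITIAL_WEIGHTS = (0.3, 0.3, 0.4)


def predict(weights: Sequence[float], risks: Sequence[float]) -> float:
    """Candidate total risk value = a * entity + b * field + c * semantic."""
    return sum(w * r for w, r in zip(weights, risks))


def mean_squared_error(weights: Sequence[float], data: List[Row]) -> float:
    """Gap between the model's totals and the reviewer-labelled totals."""
    return sum((predict(weights, r) - y) ** 2 for r, y in data) / len(data)


def train_weight_update_model(data: List[Row], initial=INITIAL_WEIGHTS,
                              lr: float = 0.001, epochs: int = 2000) -> Tuple[float, ...]:
    """Single linear layer trained by full-batch gradient descent on the squared
    error against the labelled totals; the learned parameters are the updated
    weight coefficients. Coefficients are clipped at zero (an assumption of this
    example) because a negative weight would let a vulnerability lower the total."""
    weights = list(initial)
    for _ in range(epochs):
        grads = [0.0] * len(weights)
        for risks, label in data:
            err = predict(weights, risks) - label
            for i, r in enumerate(risks):
                grads[i] += 2.0 * err * r / len(data)
        weights = [max(0.0, w - lr * g) for w, g in zip(weights, grads)]
    return tuple(weights)


if __name__ == "__main__":
    before = mean_squared_error(INITIAL_WEIGHTS, CANDIDATES)
    updated = train_weight_update_model(CANDIDATES)
    after = mean_squared_error(updated, CANDIDATES)
    print("updated a, b, c =", [round(w, 3) for w in updated])
    print("mse before / after =", round(before, 3), round(after, 3))
```

The learning rate must stay below the inverse of the largest curvature of the squared-error surface for the loop to converge; with risk values of this magnitude, 0.001 is safe.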
Example three
Fig. 3 is a schematic structural diagram of a code risk detection apparatus provided in the third embodiment of the present application, which is capable of executing the code risk detection method provided in any embodiment of the present application, and has functional modules and beneficial effects corresponding to the execution method. As shown in fig. 3, the apparatus includes:
the code analysis module 310 is configured to analyze a to-be-detected code based on a vulnerability feature library and a grammatical feature library, and determine a risk value of each vulnerability in the to-be-detected code;
a code total risk value determining module 320, configured to determine a total risk value of the code to be detected according to a risk value of each vulnerability in the code to be detected;
and the code risk level determining module 330 is configured to determine a target risk level of the code to be detected according to the total risk value and a preset risk threshold.
The embodiment of the invention provides a code risk detection device, which analyzes a to-be-detected code based on a vulnerability feature library and a grammatical feature library to determine a risk value of each vulnerability in the to-be-detected code; determining a total risk value of the code to be detected according to the risk value of each vulnerability in the code to be detected; and determining the target risk level of the code to be detected according to the total risk value and a preset risk threshold value. According to the technical scheme, the missing rate of code risk detection can be reduced, the calculation complexity of code risk detection is reduced, and the accuracy of code risk detection is improved.
Further, the code analysis module 310 includes:
the code vulnerability analysis unit is used for classifying vulnerabilities in the entity class and the field dimension returned by the request of the code to be detected based on a vulnerability feature library, and determining an entity class risk value and a field dimension risk value returned by the request of the code to be detected;
the code semantic analysis unit is used for classifying the semantic risk of the code to be detected based on the syntactic feature library and determining the semantic analysis risk value of the code to be detected;
accordingly, the code total risk value determination module 320 includes:
and the code total risk value determining unit is used for determining the total risk value of the code to be detected according to the request-return entity class risk value, the field dimension risk value and the semantic analysis risk value.
Further, the code semantic analysis unit comprises:
the syntax tree generating subunit is used for performing semantic analysis on the code to be detected to generate a syntax tree;
the semantic risk determining subunit is used for determining the semantic risk of the code to be detected according to the syntax tree;
the semantic risk weight determining subunit is used for determining a weight coefficient corresponding to the semantic risk based on a weight updating model;
and the semantic analysis risk value determining subunit is used for determining a semantic analysis risk value according to the semantic risk of the code to be detected and the corresponding weight coefficient.
Further, the code vulnerability analysis unit includes:
the code vulnerability weight determining subunit is used for respectively determining the risk value and the corresponding weight coefficient of each vulnerability in the entity class and the field dimension which is requested to be returned by the code to be detected based on the weight updating model;
the request-return entity class risk value determining subunit is used for determining the request-return entity class risk value according to the risk value of each vulnerability in the request-return entity class and the corresponding weight coefficient;
and the field dimension risk value determining subunit is used for determining the field dimension risk value according to the risk value of each vulnerability in the field dimension and the corresponding weight coefficient.
Further, the code total risk value determination unit includes:
a risk type weight determining subunit, configured to determine, based on the weight update model, the weight coefficients corresponding to the request-return entity class risk value, the field dimension risk value and the semantic analysis risk value, respectively;
and the code total risk value determining subunit is used for determining the total risk value of the code to be detected according to the request-return entity class risk value, the field dimension risk value, the semantic analysis risk value and the corresponding weight coefficients.
Further, the weight update model is constructed by the following process:
obtaining candidate codes, determining candidate risk values of all vulnerabilities and semantic risks in the candidate codes, weight coefficients corresponding to the candidate risk values and candidate total risk values of the candidate codes, and labeling the candidate codes to obtain labeled total risk values;
and training an initial neural network model according to the labeled total risk value, the candidate total risk value, each candidate risk value and a weight coefficient corresponding to each candidate risk value to obtain a weight updating model.
The code risk detection device provided by the embodiment of the application can execute the code risk detection method provided by any embodiment of the application, and has corresponding functional modules and beneficial effects of the execution method.
Example four
FIG. 4 shows a schematic block diagram of an apparatus 10 that may be used to implement embodiments of the present application. An apparatus is intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.
As shown in fig. 4, the device 10 includes at least one processor 11, and a memory communicatively connected to the at least one processor 11, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, and the like, wherein the memory stores a computer program executable by the at least one processor, and the processor 11 can perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from a storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data necessary for the operation of the device 10 can also be stored. The processor 11, the ROM 12, and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
A number of components in the device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, or the like; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the device 10 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. The processor 11 performs the various methods and processes described above, such as the code risk detection method.
In some embodiments, the code risk detection method may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed on the device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into RAM 13 and executed by processor 11, one or more steps of the code risk detection method described above may be performed. Alternatively, in other embodiments, the processor 11 may be configured to perform the code risk detection method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), Systems on a Chip (SOCs), Complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implementation in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for implementing the methods of the present application may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on a machine, as a stand-alone software package partly on a machine and partly on a remote machine or entirely on a remote machine or server.
In the context of this application, a computer readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user may provide input to the device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or cloud host, which is a host product in a cloud computing service system and overcomes the high management difficulty and weak service scalability of traditional physical hosts and VPS services.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, as long as the desired results of the technical solution of the present application can be achieved, and the present invention is not limited thereto.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (10)

1. A code risk detection method, the method comprising:
analyzing a code to be detected based on a vulnerability feature library and a grammatical feature library, and determining a risk value of each vulnerability in the code to be detected;
determining a total risk value of the code to be detected according to the risk value of each vulnerability in the code to be detected;
and determining the target risk level of the code to be detected according to the total risk value and a preset risk threshold value.
2. The method of claim 1, wherein analyzing the code to be detected based on a vulnerability feature library and a grammatical feature library to determine a risk value of each vulnerability in the code to be detected comprises:
classifying the vulnerabilities in the request-returned entity class and the field dimension of the code to be detected based on the vulnerability feature library, and determining the request-returned entity class risk value and the field dimension risk value of the code to be detected;
classifying the semantic risk of the code to be detected based on the syntactic feature library, and determining the semantic analysis risk value of the code to be detected;
correspondingly, determining the total risk value of the code to be detected according to the risk value of each vulnerability in the code to be detected, including:
and determining the total risk value of the code to be detected according to the request-returned entity class risk value, the field dimension risk value and the semantic analysis risk value.
3. The method according to claim 2, wherein classifying the semantic risk of the code to be detected based on the syntactic feature library, and determining the semantic analysis risk value of the code to be detected comprises:
performing semantic analysis on the codes to be detected to generate a syntax tree;
determining semantic risks of the codes to be detected according to the syntax tree;
determining a weight coefficient corresponding to the semantic risk based on a weight update model;
and determining a semantic analysis risk value according to the semantic risk of the code to be detected and the corresponding weight coefficient.
4. The method of claim 2, wherein determining the request-returned entity class risk value and the field dimension risk value of the code to be detected based on the vulnerability feature library comprises:
respectively determining the risk value and the corresponding weight coefficient of each vulnerability in the request-returned entity class and the field dimension of the code to be detected based on a weight update model;
determining the request-returned entity class risk value according to the risk value of each vulnerability in the request-returned entity class and the corresponding weight coefficient;
and determining the field dimension risk value according to the risk value of each vulnerability in the field dimension and the corresponding weight coefficient.
5. The method of claim 2, wherein determining the total risk value of the code to be detected according to the request-returned entity class risk value, the field dimension risk value and the semantic analysis risk value comprises:
respectively determining weight coefficients corresponding to the request-returned entity class risk value, the field dimension risk value and the semantic analysis risk value based on a weight update model;
and determining the total risk value of the code to be detected according to the request-returned entity class risk value, the field dimension risk value, the semantic analysis risk value and the corresponding weight coefficients.
6. The method according to any one of claims 3-5, wherein the weight update model is constructed by:
obtaining candidate code, determining candidate risk values of all vulnerabilities and semantic risks in the candidate code, the weight coefficients corresponding to the candidate risk values and a candidate total risk value of the candidate code, and labeling the candidate code to obtain a labeled total risk value;
and training an initial neural network model according to the labeled total risk value, the candidate total risk value, the candidate risk values and the weight coefficients corresponding to the candidate risk values to obtain the weight update model.
7. A code risk detection apparatus, the apparatus comprising:
the code analysis module is used for analyzing the codes to be detected based on the vulnerability feature library and the grammatical feature library and determining the risk value of each vulnerability in the codes to be detected;
the code total risk value determining module is used for determining the total risk value of the code to be detected according to the risk value of each vulnerability in the code to be detected;
and the code risk grade determining module is used for determining the target risk grade of the code to be detected according to the total risk value and a preset risk threshold value.
8. The apparatus of claim 7, wherein the code analysis module comprises:
the code vulnerability analysis unit is used for classifying vulnerabilities in the request-returned entity class and the field dimension of the code to be detected based on the vulnerability feature library, and determining the request-returned entity class risk value and the field dimension risk value of the code to be detected;
the code semantic analysis unit is used for classifying the semantic risk of the code to be detected based on the syntactic feature library and determining the semantic analysis risk value of the code to be detected;
accordingly, the code total risk value determining module comprises:
the code total risk value determining unit, used for determining the total risk value of the code to be detected according to the request-returned entity class risk value, the field dimension risk value and the semantic analysis risk value.
9. A code risk detection device, characterized in that the device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform the code risk detection method of any one of claims 1-6.
10. A computer-readable storage medium storing computer instructions for causing a processor to perform the code risk detection method of any one of claims 1-6 when executed.
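The scoring pipeline of claims 1 to 5, as an added worked example in Python (not code from the patent or its applicant): per-vulnerability risk values from a vulnerability feature library over the request-returned entity class and the returned fields, a semantic risk value from the syntax tree, weighted aggregation into a total risk value, and a preset threshold mapping to a risk level. The feature libraries, weights, thresholds and the code sample are constructed; fixed weight coefficients stand in for the trained weight update model of claim 6.

```python
"""Weighted code-risk scoring in the shape of claims 1-5 (constructed example)."""
import ast

# Constructed vulnerability feature library: feature -> (base risk value, weight coefficient).
# Entity-class features key on the type of entity a request returns; field-dimension
# features key on the names of the fields that are returned to the caller.
ENTITY_FEATURES = {"User": (3.0, 1.0), "Account": (5.0, 1.2)}
FIELD_FEATURES = {"password": (8.0, 1.5), "id_card": (6.0, 1.2), "phone": (2.0, 1.0)}
# Constructed syntactic feature library: call names in the syntax tree that count as semantic risk.
SEMANTIC_FEATURES = {"eval": (7.0, 1.0), "exec": (7.0, 1.0)}
# Weight coefficients of the three category risk values (claim 5); fixed here, trained in claim 6.
CATEGORY_WEIGHTS = {"entity": 0.3, "field": 0.4, "semantic": 0.3}
# Preset risk thresholds (claim 1): the first level whose lower bound the total reaches.
RISK_THRESHOLDS = [(8.0, "high"), (4.0, "medium"), (0.0, "low")]


def weighted_sum(hits, library):
    """Risk value of one dimension: base risk x weight, summed over matched features (claims 3-4)."""
    return sum(library[h][0] * library[h][1] for h in hits if h in library)


def semantic_risks(source):
    """Parse the code to be detected into a syntax tree and collect the names of called functions."""
    tree = ast.parse(source)
    return [node.func.id for node in ast.walk(tree)
            if isinstance(node, ast.Call) and isinstance(node.func, ast.Name)]


def returned_fields(source):
    """Field dimension of the request return: string keys of dict literals in return statements."""
    fields = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Return) and isinstance(node.value, ast.Dict):
            fields += [k.value for k in node.value.keys if isinstance(k, ast.Constant)]
    return fields


def detect(source, entity_class):
    """Return the three category risk values, the total risk value and the target risk level."""
    entity = weighted_sum([entity_class], ENTITY_FEATURES)
    field = weighted_sum(returned_fields(source), FIELD_FEATURES)
    semantic = weighted_sum(semantic_risks(source), SEMANTIC_FEATURES)
    total = (CATEGORY_WEIGHTS["entity"] * entity + CATEGORY_WEIGHTS["field"] * field
             + CATEGORY_WEIGHTS["semantic"] * semantic)
    level = next(name for limit, name in RISK_THRESHOLDS if total >= limit)
    return {"entity": entity, "field": field, "semantic": semantic, "total": total, "level": level}


# Constructed code to be detected: a handler that returns sensitive fields and evaluates input.
SAMPLE = '''
def get_user(req):
    user = load(req["id"])
    extra = eval(req["expr"])
    return {"name": user.name, "password": user.password, "phone": user.phone}
'''

if __name__ == "__main__":
    print(detect(SAMPLE, "User"))
```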

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211351434.7A CN115865409A (en) 2022-10-31 2022-10-31 Code risk detection method, device, equipment and medium


Publications (1)

Publication Number Publication Date
CN115865409A true CN115865409A (en) 2023-03-28

Family

ID=85662190



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination