吉林大学学报(理学版) ›› 2023, Vol. 61 ›› Issue (6): 1358-1366.

• • 上一篇    下一篇

 基于词向量模型的漏洞检测方法

肖巍1, 胡景浩2, 侯正章2, 王涛1, 潘超1   

  1. 1. 长春工业大学 计算机科学与工程学院, 长春 130012; 2. 吉林大学 软件学院, 长春 13001
  • 收稿日期:2022-10-24 出版日期:2023-11-26 发布日期:2023-11-26
  • 通讯作者: 潘超 E-mail:kerwinpc@ccut.edu.cn

Vulnerability Detection Method Based on Word Vector Model

XIAO Wei1, HU Jinghao2, HOU Zhengzhang2, WANG Tao1, PAN Chao1   

  1. 1. School of Computer Science and Engineering, Changchun University of Technology, Changchun 130012, China;
    2. College of Software, Jilin University, Changchun 130012, China
  • Received:2022-10-24 Online:2023-11-26 Published:2023-11-26

PDF (PC)

262

摘要: 针对漏洞检测领域面临的实验平台不统一、 数据集异构等问题, 研究词向量模型在C/C++函数漏洞检测方面的应用. 用5种词向量模型对源代码生成的抽象语法树结构进行知识表示, 用6种神经网络模型进行漏洞检测, 实验结果表明, 函数级代码具有浅层的语义关系, 代码块内部联系紧密.

关键词: 词向量模型, 漏洞检测, 抽象语法树, 代码表征, 神经网络

Abstract: Aiming at the problems of non-uniform experimental platforms and heterogeneous datasets faced in the field of vulnerability dete
ction, we  studied  the application of word vector models in C/C++ function vulnerability detection. Five word vector models were used for the knowledge representation of the abstract syntax tree structure generated by the source code, and six neural network models were used for vulnerability detection. The experimental results show that function-level code has shallow semantic relationships and tight connections within code blocks.

Key words: word vector model,  , vulnerability detection, abstract syntax tree, code representation, neural network

中图分类号: 

  • TP311
版权所有 © 《吉林大学学报(理学版)》编辑部
地址:吉林省长春市前进大街2699号 邮编:130012 电话:+86-431-88499428 E-mail: sejuj@jlu.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发