Vulnerability Detection for Source Code Using Contextual LSTM

被引：0

作者：

Xu, Aidong ^{[1
,2
]}

Dai, Tao ^{[1
,2
]}

Chen, Huajun ^{[1
,2
]}

Ming, Zhe ^{[1
,2
]}

Li, Weining ^{[3
]}

机构：

[1] China Southern Power Grid, Guangzhou 510080, Guangdong, Peoples R China

[2] Elect Power Informat Secur Classified Protect Tes, Guangzhou 510080, Guangdong, Peoples R China

[3] Hainan Power Grid Co Ltd, Haikou 570100, Hainan, Peoples R China

来源：

2018 5TH INTERNATIONAL CONFERENCE ON SYSTEMS AND INFORMATICS (ICSAI) | 2018年

关键词：

component; vulnerability detection; CLSTM; neural network;

D O I：

暂无

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

With the development of Internet technology, software vulnerabilities have become a major threat to current computer security. In this work, we propose the vulnerability detection for source code using Contextual LSTM. Compared with CNN and LSTM, we evaluated the CLSTM on 23185 programs, which are collected from SARD. We extracted the features through the program slicing. Based on the features, we used the natural language processing to analysis programs with source code. The experimental results demonstrate that CLSTM has the best performance for vulnerability detection, reaching the accuracy of 96.711% and the F1 score of 0.96984.

引用

页码：1225 / 1230

页数：6

共 50 条

[31] Towards Attention Based Vulnerability Discovery Using Source Code Representation
Kim, Junae
Hubczenko, David
Montague, Paul
[J]. ARTIFICIAL NEURAL NETWORKS AND MACHINE LEARNING - ICANN 2019: TEXT AND TIME SERIES, PT IV, 2019, 11730 : 731 - 746
[32] Learning and Evaluating Contextual Embedding of Source Code
Kanade, Aditya
Maniatis, Petros
Balakrishnan, Gogul
Shi, Kensen
[J]. INTERNATIONAL CONFERENCE ON MACHINE LEARNING, VOL 119, 2020, 119
[33] Smart Contract Vulnerability Detection Using Code Representation Fusion
Wang, Ben
Chu, Hanting
Zhang, Pengcheng
Dong, Hai
[J]. 2021 28TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE (APSEC 2021), 2021, : 564 - 565
[34] Software Vulnerability Detection Using Informed Code Graph Pruning
Gear, Joseph
Xu, Yue
Foo, Ernest
Gauravaram, Praveen
Jadidi, Zahra
Simpson, Leonie
[J]. IEEE ACCESS, 2023, 11 : 135626 - 135644
[35] A Comparative Study of Static Code Analysis tools for Vulnerability Detection in C/C++ and JAVA Source Code
Kaur, Arvinder
Nayyar, Ruchikaa
[J]. Procedia Computer Science, 2020, 171 : 2023 - 2029
[36] DiverseVul: A New Vulnerable Source Code Dataset for Deep Learning Based Vulnerability Detection
Chen, Yizheng
Ding, Zhoujie
Alowain, Lamya
Chen, Xinyun
Wagner, David
[J]. PROCEEDINGS OF THE 26TH INTERNATIONAL SYMPOSIUM ON RESEARCH IN ATTACKS, INTRUSIONS AND DEFENSES, RAID 2023, 2023, : 654 - 668
[37] Software Source Code Vulnerability Detection Based on CNN-GAP Interpretability Model
Wang Jian
Kuang Hongyu
Li Ruilin
Su Yunfei
[J]. JOURNAL OF ELECTRONICS & INFORMATION TECHNOLOGY, 2022, 44 (07) : 2568 - 2575
[38] Vulnerability Detection in C/C plus plus Source Code With Graph Representation Learning
Wu, Yuelong
Lu, Jintian
Zhang, Yunyi
Jin, Shuyuan
[J]. 2021 IEEE 11TH ANNUAL COMPUTING AND COMMUNICATION WORKSHOP AND CONFERENCE (CCWC), 2021, : 1519 - 1524
[39] Representation vs. Model: What Matters Most for Source Code Vulnerability Detection
Zheng, Wei
Semasaba, Abubakar Omari Abdallah
Wu, Xiaoxue
Agyemang, Samuel Akwasi
Liu, Tao
Ge, Yuan
[J]. 2021 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ANALYSIS, EVOLUTION AND REENGINEERING (SANER 2021), 2021, : 647 - 653
[40] A General Source Code Vulnerability Detection Method via Ensemble of Graph Neural Networks
Zeng, Ciling
Zhou, Bo
Dong, Huoyuan
Wu, Haolin
Xie, Peiyuan
Guan, Zhitao
[J]. FRONTIERS IN CYBER SECURITY, FCS 2023, 2024, 1992 : 560 - 574

← 1 2 3 4 5 →