An automatic algorithm for software vulnerability classification based on CNN and GRU

被引:9
|
作者
Wang, Qian [1 ]
Li, Yazhou [2 ]
Wang, Yan [3 ]
Ren, Jiadong [1 ]
机构
[1] Yanshan Univ, Coll Informat Sci & Engn, Comp Virtual Technol & Syst Integrat Lab Hebei Pr, Qinhuangdao 066000, Hebei, Peoples R China
[2] China Mobile Xiongan Informat & Commun Technol Co, Xiongan 071700, Hebei, Peoples R China
[3] Northeastern Univ Qinhuangdao, Ctr Comp, Qinhuangdao, Hebei, Peoples R China
基金
中国国家自然科学基金;
关键词
Neural network; Software security; Vulnerability classification;
D O I
10.1007/s11042-022-12049-1
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In order to improve the management efficiency of software vulnerability classification, reduce the risk of system being attacked and destroyed, and save the cost for vulnerability repair, this paper proposes an automatic algorithm for Software Vulnerability Classification based on convolutional neural network (CNN) and gate recurrent unit neural network (GRU), called SVC-CG. It has conducted a fusion between the models of CNN and GRU according to their advantages (CNN is good at extracting local vector features of vulnerability text and GRU is good at extracting global features related to the context of vulnerability text). The merger of the features extracted by the complementary models can represent the semantic and grammatical information more accurately. Firstly, the Skip-gram language model based on Word2Vec is used to train and generate the word vector, and the words in each vulnerability text are mapped into the space with limited dimensions to represent the semantic information. Then the CNN is used to extract the local features of the text vector, and the GRU is used to extract the global features related to the text context. We combine two complementary models to construct a SVC-CG neural network algorithm, which can represent semantic and grammatical information more accurately to realize automatic classification of vulnerabilities. The experiment uses the vulnerability data from the national vulnerability database (NVD) to train and evaluate the SVC-CG algorithm. Through experimental comparison and analysis, the SVC-CG algorithm proposed in this paper has a good performance on Macro recall rate, Macro precision rate and Macro F1-score.
引用
收藏
页码:7103 / 7124
页数:22
相关论文
共 50 条
  • [31] Training Images Generation for CNN Based Automatic Modulation Classification
    Zhang, Wei-Tao
    Cui, Dan
    Lou, Shun-Tian
    [J]. IEEE ACCESS, 2021, 9 : 62916 - 62925
  • [32] A Data Preprocessing Method for Automatic Modulation Classification Based on CNN
    Zhang, Haozheng
    Huang, Ming
    Yang, Jingjing
    Sun, Wei
    [J]. IEEE COMMUNICATIONS LETTERS, 2021, 25 (04) : 1206 - 1210
  • [33] Algorithm of image classification based on Atrous-CNN
    Huang, Xiangdong
    Lei, Xinyu
    Pan, Hongguang
    Li, Dong
    [J]. PROCEEDINGS OF THE 2019 31ST CHINESE CONTROL AND DECISION CONFERENCE (CCDC 2019), 2019, : 5324 - 5328
  • [34] Fast Automatic Optimisation of CNN Architectures for Image Classification Using Genetic Algorithm
    Bakhshi, Ali
    Noman, Nasimul
    Chen, Zhiyong
    Zamani, Mohsen
    Chalup, Stephan
    [J]. 2019 IEEE CONGRESS ON EVOLUTIONARY COMPUTATION (CEC), 2019, : 1283 - 1290
  • [35] Automatic software vulnerability assessment by extracting vulnerability elements
    Sun, Xiaobing
    Ye, Zhenlei
    Bo, Lili
    Wu, Xiaoxue
    Wei, Ying
    Zhang, Tao
    Li, Bin
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2023, 204
  • [36] TRANSITION MOTION PATTERN CLASSIFICATION FOR LOWER LIMB EXOSKELETON IN STAIR SCENES BASED ON CNN AND GRU
    Yu, Fangli
    Zheng, Jianbin
    Yu, Lie
    Xiao, Hui
    Chen, Qiang
    Zhang, Di
    [J]. JOURNAL OF MECHANICS IN MEDICINE AND BIOLOGY, 2023, 24 (10)
  • [37] Application Of Attention-Based Gru Combined With Cnn Classification On P300 Signals
    Sheng, Lei
    [J]. 2020 5TH INTERNATIONAL CONFERENCE ON SMART GRID AND ELECTRICAL AUTOMATION (ICSGEA 2020), 2020, : 182 - 185
  • [38] RETRACTED: News Text Classification Method Based on the GRU_CNN Model (Retracted Article)
    Deng, Lujuan
    Ge, Qingxia
    Zhang, Jiaxue
    Li, Zuhe
    Yu, Zeqi
    Yin, Tiantian
    Zhu, Hanxue
    [J]. INTERNATIONAL TRANSACTIONS ON ELECTRICAL ENERGY SYSTEMS, 2022, 2022
  • [39] Sleep Stage Classification Based on EEG, EOG, and CNN-GRU Deep Learning Model
    Niroshana, Isuru S. M.
    Zhu, Xin
    Chen, Ying
    Chen, Wenxi
    [J]. 2019 IEEE 10TH INTERNATIONAL CONFERENCE ON AWARENESS SCIENCE AND TECHNOLOGY (ICAST 2019), 2019, : 521 - 527
  • [40] Survey of Automatic Software Vulnerability Exploitation
    Wu, Zehui
    Wei, Qiang
    Wang, Xinlei
    Wang, Yunchao
    Yan, Chenyu
    Chen, Jing
    [J]. Jisuanji Yanjiu yu Fazhan/Computer Research and Development, 2024, 61 (09): : 2261 - 2274