Multi-relational graph network-based vulnerability model construction method and detection method thereof

A construction method and relational graph technology, applied in biological neural network models, neural learning methods, neural architectures, etc., that addresses the low detection accuracy and poor detection results of vulnerability detection models, improving accuracy and reducing false negatives.

Active Publication Date: 2021-07-23
NORTHWEST UNIV(CN)

AI Technical Summary

Problems solved by technology

[0004] In view of the deficiencies in the prior art, the purpose of the present invention is to provide a method for constructing a vulnerability model based on a multi-relational graph network and a detection method thereof, and to solve the technical problem of the low detection accuracy of vulnerability detection models in the prior art.

Examples


Embodiment 1

[0122] This embodiment provides a method for constructing a vulnerability model based on a multi-relational graph network. The method is performed according to the following steps:

[0123] Step 1. Collect the source code program files and preprocess them to obtain function blocks. Depending on whether the function name corresponding to a function block contains "good" or "bad", label it as a function block without vulnerabilities or a function block with vulnerabilities;

[0124] In this embodiment, source code program files are collected from SARD.

[0125] Step 2. Process the function blocks without vulnerabilities and the function blocks with vulnerabilities to obtain their corresponding second abstract syntax trees; perform a first traversal on the second abstract syntax trees to obtain 7 kinds of edge relationships and generate a relationship graph; at the same time, obtain the PCDG by traversing the second abstract syntax tree; connecting the re...
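The preprocessing and labelling of Step 1, as an added example that is not code from the patent: it splits a C file into function blocks and labels each one from its name. The sample source, the regular expression and the 1/0/None label encoding are assumptions; brace matching here ignores braces inside strings and comments.

```python
import re

# Constructed sample in the style of a SARD test case (not taken from the page).
SAMPLE_C = r'''
#include <stdlib.h>
void CWE415_Double_Free__sample_01_bad()
{
    char *data = (char *)malloc(100);
    free(data);
    if (data) { free(data); } /* second free */
}
static void goodG2B()
{
    char *data = (char *)malloc(100);
    free(data);
}
int helper(int x) { return x + 1; }
'''

# Function header at line start: return type, name, parameter list, opening brace.
HEADER = re.compile(
    r'^[A-Za-z_][\w\s\*]*?\b([A-Za-z_]\w*)\s*\([^;{}()]*\)\s*\{', re.M)

def function_blocks(source):
    """Yield (name, text) for each top-level function definition."""
    pos = 0
    while True:
        m = HEADER.search(source, pos)
        if not m:
            return
        depth, i = 1, m.end()          # we are just past the opening brace
        while i < len(source) and depth:
            depth += {'{': 1, '}': -1}.get(source[i], 0)
            i += 1
        yield m.group(1), source[m.start():i]
        pos = i                        # continue after the closing brace

def label(name):
    """1 = vulnerable ("bad" in name), 0 = not vulnerable ("good"), None = unlabelled."""
    lowered = name.lower()
    if 'bad' in lowered:
        return 1
    if 'good' in lowered:
        return 0
    return None

def labelled_blocks(source):
    """Keep only the blocks whose name yields a label, as (name, label, text)."""
    return [(n, label(n), b) for n, b in function_blocks(source)
            if label(n) is not None]
```

Helper functions whose names contain neither marker are dropped rather than guessed at, so they cannot introduce label noise into the training set.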

Embodiment 2

[0178] This embodiment provides a detection method based on a multi-relational graph network vulnerability model, the method comprising the following steps:

[0179] Step 1. Collect new source code program files and preprocess them to obtain function blocks. Depending on whether the function name corresponding to a function block contains "good" or "bad", label it as a function block without vulnerabilities or a function block with vulnerabilities;

[0180] Step 2. Apply the processing of step 2 to step 3 as claimed in claim 1 to the function blocks without vulnerabilities and the function blocks with vulnerabilities obtained in step 1, to obtain an adjacency matrix for detection;

[0181] Step 3. Input the adjacency matrix for detection obtained in step 2 into the optimal GGNN vulnerability model obtained in step 4 of claim 1; if the test results include a function block containing a double-free vulnerability, then report this function block; if ther...

Example 1

[0183] Following the above technical scheme, in the vulnerability detection experiment, Figure 11 shows the evaluation results of the present invention for each type of vulnerability in the C language Top 30. The results include accuracy, precision, recall and F1 score; the detection accuracy for each type of vulnerability exceeds 80%, some exceed 90%, and the average is over 85%. Figure 12 compares the method of the present invention with VULDEEPECKER, μVULDEEPECKER, LIN et al., VUDDY, DEEPBUGS and DEVIGN for vulnerability detection on open-source repositories. The first three methods are based on BiLSTM, VUDDY uses hash functions to find vulnerable code clones, DEEPBUGS uses a feed-forward neural network to check for defects, and DEVIGN uses standard GNN operations that do not distinguish between types of AST edges. All methods except μVULDEEPECKER use a binary decision to predict whether a piece of code contains a vulnerability. Among them, the successfully i...
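What keeping edge types separate buys, as an added example that is not code from the patent: a small AST is turned into one adjacency matrix per edge type, and a simplified message step is run over it. The three edge types are stand-ins (the page does not list the seven), the AST is constructed, and scalar per-type weights replace the weight matrices and GRU/highway update of a real GGNN.

```python
# Stand-in edge types: the page says seven are extracted but does not list them.
EDGE_TYPES = ("child", "next_sibling", "next_use")

# Constructed AST for:  p = malloc(8); free(p); free(p);   node = (label, children)
AST = ("block", [
    ("assign", [("id:p", []), ("call:malloc", [])]),
    ("call:free", [("id:p", [])]),
    ("call:free", [("id:p", [])]),
])

def build_graph(ast):
    """Pre-order walk that numbers nodes and records (type, src, dst) edges."""
    nodes, edges, last_use = [], [], {}
    def visit(node):
        label, children = node
        idx = len(nodes)
        nodes.append(label)
        if label.startswith("id:"):        # link successive uses of a variable
            if label in last_use:
                edges.append(("next_use", last_use[label], idx))
            last_use[label] = idx
        prev = None
        for child in children:
            c = visit(child)
            edges.append(("child", idx, c))
            if prev is not None:
                edges.append(("next_sibling", prev, c))
            prev = c
        return idx
    visit(ast)
    return nodes, edges

def typed_adjacency(n, edges):
    """One n x n 0/1 matrix per edge type."""
    adj = {t: [[0] * n for _ in range(n)] for t in EDGE_TYPES}
    for etype, src, dst in edges:
        adj[etype][src][dst] = 1
    return adj

def incoming(adj, h, weight):
    """Message into node j: sum over types t, sources i of weight[t]*A_t[i][j]*h[i]."""
    n = len(h)
    return [sum(weight[t] * adj[t][i][j] * h[i] for t in adj for i in range(n))
            for j in range(n)]

NODES, EDGES = build_graph(AST)
ADJ = typed_adjacency(len(NODES), EDGES)
```

With equal weights for every type, the operand of `malloc` and the `p` passed to the second `free` receive identical messages; with per-type weights they differ, which is the information an edge-type-agnostic GNN discards.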


Abstract

The invention discloses a multi-relational graph network-based vulnerability model construction method and a detection method thereof. The method comprises the steps of: collecting source code program files and preprocessing them to obtain function blocks, each labelled as a function block without a vulnerability or a function block with a vulnerability according to whether the function name corresponding to the function block contains "good" or "bad"; processing the function blocks without vulnerabilities and the function blocks with vulnerabilities to obtain their respective second abstract syntax trees; and performing a first traversal on the second abstract syntax tree to obtain seven edge relationships. In addition to extracting the node information of the abstract syntax tree as in the prior art, seven edge relationships are added, which can remarkably improve the accuracy of vulnerability detection and reduce the false negative rate. When the GGNN vulnerability model is built, the GRU and the highway gate are fused to improve the propagation speed of the vectors among the different relational graphs, so that the model training period is shortened and the technical problem of the poor detection effect of vulnerability detection models in the prior art is solved.

Description

Technical field

[0001] The invention belongs to the field of code auditing, relates to structured source code representation and graph neural networks in deep learning, and specifically relates to a construction method and a detection method of a vulnerability model based on a multi-relational graph network.

Background art

[0002] Software vulnerabilities are the main cause of system attacks and user privacy data leakage. Machine learning technology is often used to build vulnerability detection tools and models to identify common software vulnerabilities. It learns potential patterns in existing vulnerable programs to generate vulnerability detection models, and then applies the detection models to actual software projects to identify potentially vulnerable code. Machine learning works because vulnerable programs have the same or similar code characteristics and patterns. And there is ample evidence that machine learning techniques can outperf...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57, G06N3/04, G06N3/08, G06F40/154, G06F40/284
CPC: G06F21/577, G06N3/04, G06N3/08, G06F40/154, G06F40/284
Inventor: 龚晓庆, 郝慧, 徐榕泽, 叶贵鑫, 王焕廷, 汤战勇
Owner: NORTHWEST UNIV(CN)