• 中国精品科技期刊
  • CCF推荐A类中文期刊
  • 计算领域高质量科技期刊T1类
Advanced Search
Xiao Tianming, Guan Jianbo, Jian Songlei, Ren Yi, Zhang Jianfeng, Li Bao. Software Vulnerability Detection Method Based on Code Property Graph and Bi-GRU[J]. Journal of Computer Research and Development, 2021, 58(8): 1668-1685. DOI: 10.7544/issn1000-1239.2021.20210297
Citation: Xiao Tianming, Guan Jianbo, Jian Songlei, Ren Yi, Zhang Jianfeng, Li Bao. Software Vulnerability Detection Method Based on Code Property Graph and Bi-GRU[J]. Journal of Computer Research and Development, 2021, 58(8): 1668-1685. DOI: 10.7544/issn1000-1239.2021.20210297
shu

Software Vulnerability Detection Method Based on Code Property Graph and Bi-GRU

  • (College of Computer Science and Technology, National University of Defense Technology, Changsha 410073)

Funds: This work was supported by the National Natural Science Foundation of China (61872444, U19A2060) and the National Key Research and Development Program of China (2018YFB0204301).
More Information
  • Published Date: July 31, 2021
    Graphical Abstract
    • Abstract
  • For large-scale and complex software nowadays, the forms of vulnerability code tend to be more diversified. Traditional vulnerability detection methods can not meet the requirements of diverse vulnerabilities because of their high degree of human participation and weak ability of unknown vulnerability detection. In order to improve the detection effect of unknown vulnerability, a large number of machine learning methods have been applied to the field of software vulnerability detection. Due to the high loss of syntax and semantic information in code representation, the false positive rate and false negative rate are high. To solve this issue, a software vulnerability detection method based on code property graph and Bi-GRU is proposed. This method extracts the abstract syntax tree sequence and the control flow graph sequence from the code property graph of the function as the representation method of the function representation. The representation method can reduce the loss of information in the code representation. At the same time, the method selects Bi-GRU to build feature extraction model. It can improve the feature extraction ability of vulnerability code. Experimental results show that, compared with the method represented by abstract syntax tree, this method can improve the accuracy and recall by 35% and 22%. It can improve the vulnerability detection effect of real data set for multiple software source code mixing, and effectively reduce the false positive rate and false negative rate.
    • FullText(HTML)
    • References (0)
    • Related Articles

  • Related Articles

    [1]Fu Maozhong, Hu Haiyang, Li Zhongjin. Dynamic Resource Scheduling Method for GPU Cluster[J]. Journal of Computer Research and Development, 2023, 60(6): 1308-1321. DOI: 10.7544/issn1000-1239.202220149
    [2]Li Bohan, Zhang Chao, Li Dongjing, Xu Jianqiu, Xia Bin, Qin Xiaolin. A DSP-Topk Query Optimization Algorithm Supporting Indoor Obstacle Space[J]. Journal of Computer Research and Development, 2017, 54(3): 557-569. DOI: 10.7544/issn1000-1239.2017.20150895
    [3]Zhang Rubo, Tang Pingpeng, Yang Ge, Li Xueyao, Shi Changting. Convergence Analysis of Adaptive Obstacle Avoidance Decision Processes for Unmanned Surface Vehicle[J]. Journal of Computer Research and Development, 2014, 51(12): 2644-2652. DOI: 10.7544/issn1000-1239.2014.20131011
    [4]Feng Lin, Fu Yong, Chen Kang, Zheng Weimin. TDDS:Task Deployment and Scheduling Based on Virtual Cluster System[J]. Journal of Computer Research and Development, 2013, 50(5): 1118-1124.
    [5]Zhai Haibin, Jiang Hai, Sun Yi, Li Jun, Li Zhongcheng. A Node-Link Based Cache Deployment Algorithm for P2P Traffic in ISP Networks[J]. Journal of Computer Research and Development, 2013, 50(1): 122-135.
    [6]Wu Hao and Wu Guoqing. Dynamical Integrity of Codes: Model and Method[J]. Journal of Computer Research and Development, 2012, 49(9): 1874-1882.
    [7]Qi Ji, Li Xi, Yu Haichen, Hu Nan, Gong Yuchang, Wang Ligang. A Scheduling Algorithm for Dynamic Reconfigurable Computing[J]. Journal of Computer Research and Development, 2007, 44(8): 1439-1447.
    [8]Tang Lei, Liao Yuan, Li Mingshu, Huai Xiaoyong. The Dynamic Deployment Problem and the Algorithm of Service Component for Pervasive Computing[J]. Journal of Computer Research and Development, 2007, 44(5): 815-822.
    [9]Jiang Yuncheng, Shi Zhongzhi, Tang Yong, Wang Ju. A Distributed Dynamic Description Logic[J]. Journal of Computer Research and Development, 2006, 43(9): 1603-1608.
    [10]Yang Juan, Qiu Yuhui, Li Jianguo, Zheng Qiang. A MA Model with Application Components Being Dynamically Scalable[J]. Journal of Computer Research and Development, 2005, 42(5): 830-834.

  • Cited by

    Periodical cited type(27)

    1. 章政,夏小云,陈泽丰,向毅. 融合强化学习的分阶段策略求解旅行背包问题. 计算机工程与科学. 2025(01): 140-149 .
    2. 韩润华. 动态虚拟多任务智能水滴算法求解TSP问题. 电脑知识与技术. 2025(06): 15-21 .
    3. 唐存花,汤可宗. 求旅行商问题的幂律变换优化蚁群算法. 软件导刊. 2024(02): 74-83 .
    4. 韩希君,郑勇,孙国思. 基于改进果蝇算法的车架焊接机器人避障路径规划. 焊接技术. 2024(03): 90-94 .
    5. 褚宏悦,易军凯. 无人机安全路径规划的混沌粒子群优化研究. 控制工程. 2024(06): 1027-1034 .
    6. 李娟,金志雄. 基于轻量化Transformer的农作物检测机器人路径规划. 中国农机化学报. 2024(09): 227-233 .
    7. 江新姿,安晓丽,高尚. 基于MTSP问题的公共图书馆智慧配送服务. 计算机与现代化. 2024(09): 52-55+60 .
    8. 禹博文,游晓明,刘升. 基于空间聚焦机制的混沌随机蚁群算法. 智能计算机与应用. 2024(09): 1-9 .
    9. 邱鹤庆. 基于贪婪算法和ACO的无人机测绘路径规划算法. 智能城市. 2024(10): 59-61 .
    10. 刘宇,赵辉. 蚁群算法下焊接机器人焊缝表面图像裂纹检测. 计算机仿真. 2024(11): 215-219 .
    11. 董黎明,程美英. 求解多式联运问题的异构多任务优化蚁群算法. 计算机仿真. 2024(12): 189-196 .
    12. 杨笑笑,柯琳,陈智斌. 深度强化学习求解车辆路径问题的研究综述. 计算机工程与应用. 2023(05): 1-13 .
    13. 郭城成,田立勤,武文星. 蚁群算法在求解旅行商问题中的应用综述. 计算机系统应用. 2023(03): 1-14 .
    14. 凌畅,吴富强,陈晓峰. 基于蚁群算法的机头结构二级布局优化方法. 航空计算技术. 2023(02): 55-59 .
    15. 刘静,杨雪,陈伟,陈巍. 无缆自治水下机器人运动控制参数整定方法. 计算机仿真. 2023(03): 421-425 .
    16. 郭洪升,李忠伟,罗偲,任旭虎. 基于混合人工蜂群算法和A~*算法的求解旅行商问题算法. 科学技术与工程. 2023(11): 4718-4724 .
    17. 付豪. 融合改进A*和蚁群算法的多目标路径规划. 信息技术与信息化. 2023(09): 39-42 .
    18. 孙茂荣,赵泽阳. 基于遗传算法的管板爬行机器人检修路径规划. 制造业自动化. 2023(11): 117-121 .
    19. 杨笑笑,陈智斌. 深度混合型邻域搜索模型求解CVRP问题. 南京大学学报(自然科学). 2023(06): 1023-1033 .
    20. 徐江,程美英. 面向路径规划问题的虚拟多任务共生生物搜索算法. 计算机应用研究. 2023(12): 3599-3605+3613 .
    21. 段丽妮,阚龙营. 基于蚁群算法的多车型物流车辆调度研究. 物流科技. 2022(04): 14-17 .
    22. 陈嘉珣,闫国玉,张捷. 基于改进蚁群算法的警用装备管理平台的设计. 工业控制计算机. 2022(04): 144-146 .
    23. 张硕航,郭改枝. 多旅行商模型及其应用研究综述. 计算机科学与探索. 2022(07): 1516-1528 .
    24. 孙晗,周全,杨志军. 应用TSP的纤维检测装置扫描路径优化. 西安工程大学学报. 2022(04): 26-33 .
    25. 汤超龙,赵永强,刘芯羽. 基于蚁群算法的二维多层亚波长光栅结构设计. 红外与毫米波学报. 2022(04): 756-761 .
    26. 姚拓中. 基于粒子群优化和改进蚁群算法的电力供应链博弈分析. 浙江电力. 2022(09): 80-85 .
    27. 汪帅,郑红,卢楠,李晖,彭检贵,董雅雯. 林草智慧巡护管理系统设计与应用. 林业资源管理. 2022(06): 145-150 .

    Other cited types(28)

Catalog

    Get Citation
    PDF
    XML
    Article views (773) PDF downloads (364) Cited by(55)
    Turn off MathJax
    Article Contents
    Abstract
    Related Articles
    Email Alert RSS
    微信订阅号<br/>(实时资讯)

    微信订阅号
    (实时资讯)

    微信服务号<br/>(同步网站)

    微信服务号
    (同步网站)

    微信视频号<br/>(视频分享)

    微信视频号
    (视频分享)

    CCF<br/>(扫码入会)

    CCF
    (扫码入会)

    Copyright © Editorial Department of Computer Research and Development

    Supported by: Beijing Renhe Information Technology Co., Ltd. Baidu Analytics

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return