Software Security Vulnerability Mining Based on Deep Learning

Gu Mianxue; Sun Hongyu; Han Dan; Yang Su; Cao Wanying; Guo Zhen; Cao Chunjie; Wang Wenjie; Zhang Yuqing

doi:10.7544/issn1000-1239.2021.20210620

Journal of Computer Research and Development > 2021 > 58(10): 2140-2162. > DOI: 10.7544/issn1000-1239.2021.20210620 CSTR: 32373.14.issn1000-1239.2021.20210620

Gu Mianxue, Sun Hongyu, Han Dan, Yang Su, Cao Wanying, Guo Zhen, Cao Chunjie, Wang Wenjie, Zhang Yuqing. Software Security Vulnerability Mining Based on Deep Learning[J]. Journal of Computer Research and Development, 2021, 58(10): 2140-2162. DOI: 10.7544/issn1000-1239.2021.20210620

Citation:

PDF (2891 KB)

Software Security Vulnerability Mining Based on Deep Learning

¹(College of Cyberspace Security, Hainan University, Haikou 570228)
²(National Computer Network Intrusion Protection Center (University of Chinese Academy of Sciences), Beijing 101408)
³(College of Cyber Engineering, Xidian University, Xi’an 710126)

Funds: This work was supported by the National Natural Science Foundation of China (U1836210) and the Key Research and Development Program of Hainan Province (ZDYF202012).

More Information

Published Date: September 30, 2021

Graphical Abstract

Abstract

Abstract

The increasing complexity of software and the diversified forms of security vulnerabilities have brought severe challenges to the research of software security vulnerabilities. Traditional vulnerability mining methods are inefficient and have problems such as high false positives and high false negatives, which have been unable to meet the increasing demands for software security. At present, a lot of research works have attempted to apply deep learning to the field of vulnerability mining to realize automated and intelligent vulnerability mining. This review conducts an in-depth investigation and analysis of the deep learning methods applied to the field of software security vulnerability mining. First, through collecting and analyzing existing research works of software security vulnerability mining based on deep learning, its general work framework and technical route are summarized. Subsequently, starting from the extraction of deep features, security vulnerability mining works with different code representation forms are classified and discussed. Then, specific areas of deep learning based software security vulnerability mining works are discussed systematically, especially in the field of the Internet of Things and smart contract security. Finally, based on the summary of existing research works, the challenges and opportunities in this filed are discussed, and the future research trends are presented.
- deep learning,
- vulnerability mining,
- code representation,
- IoT security,
- smart contract security

FullText(HTML)

References (0)

[1]	Zhang Shaobo, Wang Guojun, Liu Qin, Liu Jianxun. Trajectory Privacy Protection Method Based on Multi-Anonymizer[J]. Journal of Computer Research and Development, 2019, 56(3): 576-584. DOI: 10.7544/issn1000-1239.2019.20180033
[2]	Zhu Weijun, You Qingguang, Yang Weidong, Zhou Qinglei. Trajectory Privacy Preserving Based on Statistical Differential Privacy[J]. Journal of Computer Research and Development, 2017, 54(12): 2825-2832. DOI: 10.7544/issn1000-1239.2017.20160647
[3]	Xia Zhuoqun, Hu Zhenzhen, Luo Junpeng, Chen Yueyue. Adaptive Trajectory Prediction for Moving Objects in Uncertain Environment[J]. Journal of Computer Research and Development, 2017, 54(11): 2434-2444. DOI: 10.7544/issn1000-1239.2017.20170309
[4]	Li Yang, Wang Zhe, Zhang Chuwen, Dai Huichen, Xu Wenquan, Ji Xuefeng, Wan Ying, Liu Bin. Trajectory Prediction Algorithm in VANET Routing[J]. Journal of Computer Research and Development, 2017, 54(11): 2421-2433. DOI: 10.7544/issn1000-1239.2017.20170359
[5]	Zhang Fengjun, Zhao Ling, An Guocheng, Wang Hongan, Dai Guozhong. Mean Shift Tracking Algorithm with Scale Adaptation[J]. Journal of Computer Research and Development, 2014, 51(1): 215-224.
[6]	Li Shanqing, Tang Liang, Liu Keyan, Wang Lei. A Fast and Adaptive Object Tracking Method[J]. Journal of Computer Research and Development, 2012, 49(2): 383-391.
[7]	Huang Tianqiang, Yu Yangqiang, Guo Gongde, Qin Xiaolin. Trajectory Outlier Detection Based on Semi-Supervised Technology[J]. Journal of Computer Research and Development, 2011, 48(11): 2074-2082.
[8]	An Guocheng, Zhang Fengjun, Wang Hongan, and Dai Guozhong. Multi-Window Target Tracking[J]. Journal of Computer Research and Development, 2011, 48(11): 2023-2030.
[9]	Guo Kangde, Zhang Mingmin, Sun Chao, Li Yang, Tang Xing. 3D Fingertip Tracking Algorithm Based on Computer Vision[J]. Journal of Computer Research and Development, 2010, 47(6): 1013-1019.
[10]	Li Guohui and Zhong Xiya. Indexing Moving Objects Trajectories on Fixed Networks[J]. Journal of Computer Research and Development, 2006, 43(5): 828-833.