JFinder: A Novel Architecture for Java Vulnerability Identification Based Quad Self-Attention and Pre-training Mechanism
Software vulnerabilities pose significant risks to computer systems, impacting our daily lives, productivity, and even our health. Identifying and addressing security vulnerabilities in a timely manner is crucial to prevent hacking and data breaches. Unfortunately, current vulnerability identificati...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Wang, Jin Huang, Zishan Xiao, Hui Xiao, Yinhao |
| description | Software vulnerabilities pose significant risks to computer systems,
impacting our daily lives, productivity, and even our health. Identifying and
addressing security vulnerabilities in a timely manner is crucial to prevent
hacking and data breaches. Unfortunately, current vulnerability identification
methods, including classical and deep learning-based approaches, exhibit
critical drawbacks that prevent them from meeting the demands of the
contemporary software industry. To tackle these issues, we present JFinder, a
novel architecture for Java vulnerability identification that leverages quad
self-attention and pre-training mechanisms to combine structural information
and semantic representations. Experimental results demonstrate that JFinder
outperforms all baseline methods, achieving an accuracy of 0.97 on the CWE
dataset and an F1 score of 0.84 on the PROMISE dataset. Furthermore, a case
study reveals that JFinder can accurately identify four cases of
vulnerabilities after patching. |
| doi_str_mv | 10.48550/arxiv.2307.15915 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_2307_15915</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2307_15915</sourcerecordid><originalsourceid>FETCH-LOGICAL-a675-15627e50e415fba71a2f58141b995373952f6f7517bdaa59d45faa11fadff8d43</originalsourceid><addsrcrecordid>eNotkM1Og0AURtm4MNUHcOV9AZABLgPusLHapv7Fxi25MHfsJHQww0Dat6-trr7FSb7knCC4EXGUFYjxHbm9maIkjWUksBR4GexXC2MVu3uo4LWfuIPKtVvjufWjY9C9gxVNBF9jZ9lRYzrjD7BUbL3RpiVvegsPNLCCj5EUfHKnw8r7E_8lZBW8Ow69I2ON_YYXbrdkzbC7Ci40dQNf_-8s2CweN_PncP32tJxX65ByiaHAPJGMMWcCdUNSUKKxEJloyhJTmZaY6FxLFLJRRFiqDDWREJqU1oXK0llw-3d7Vq9_nNmRO9SnBPU5QXoEbiVX2w</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>JFinder: A Novel Architecture for Java Vulnerability Identification Based Quad Self-Attention and Pre-training Mechanism</title><source>arXiv.org</source><creator>Wang, Jin ; Huang, Zishan ; Xiao, Hui ; Xiao, Yinhao</creator><creatorcontrib>Wang, Jin ; Huang, Zishan ; Xiao, Hui ; Xiao, Yinhao</creatorcontrib><description>Software vulnerabilities pose significant risks to computer systems,
impacting our daily lives, productivity, and even our health. Identifying and
addressing security vulnerabilities in a timely manner is crucial to prevent
hacking and data breaches. Unfortunately, current vulnerability identification
methods, including classical and deep learning-based approaches, exhibit
critical drawbacks that prevent them from meeting the demands of the
contemporary software industry. To tackle these issues, we present JFinder, a
novel architecture for Java vulnerability identification that leverages quad
self-attention and pre-training mechanisms to combine structural information
and semantic representations. Experimental results demonstrate that JFinder
outperforms all baseline methods, achieving an accuracy of 0.97 on the CWE
dataset and an F1 score of 0.84 on the PROMISE dataset. Furthermore, a case
study reveals that JFinder can accurately identify four cases of
vulnerabilities after patching.</description><identifier>DOI: 10.48550/arxiv.2307.15915</identifier><language>eng</language><subject>Computer Science - Cryptography and Security</subject><creationdate>2023-07</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,776,881</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/2307.15915$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.2307.15915$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Wang, Jin</creatorcontrib><creatorcontrib>Huang, Zishan</creatorcontrib><creatorcontrib>Xiao, Hui</creatorcontrib><creatorcontrib>Xiao, Yinhao</creatorcontrib><title>JFinder: A Novel Architecture for Java Vulnerability Identification Based Quad Self-Attention and Pre-training Mechanism</title><description>Software vulnerabilities pose significant risks to computer systems,
impacting our daily lives, productivity, and even our health. Identifying and
addressing security vulnerabilities in a timely manner is crucial to prevent
hacking and data breaches. Unfortunately, current vulnerability identification
methods, including classical and deep learning-based approaches, exhibit
critical drawbacks that prevent them from meeting the demands of the
contemporary software industry. To tackle these issues, we present JFinder, a
novel architecture for Java vulnerability identification that leverages quad
self-attention and pre-training mechanisms to combine structural information
and semantic representations. Experimental results demonstrate that JFinder
outperforms all baseline methods, achieving an accuracy of 0.97 on the CWE
dataset and an F1 score of 0.84 on the PROMISE dataset. Furthermore, a case
study reveals that JFinder can accurately identify four cases of
vulnerabilities after patching.</description><subject>Computer Science - Cryptography and Security</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotkM1Og0AURtm4MNUHcOV9AZABLgPusLHapv7Fxi25MHfsJHQww0Dat6-trr7FSb7knCC4EXGUFYjxHbm9maIkjWUksBR4GexXC2MVu3uo4LWfuIPKtVvjufWjY9C9gxVNBF9jZ9lRYzrjD7BUbL3RpiVvegsPNLCCj5EUfHKnw8r7E_8lZBW8Ow69I2ON_YYXbrdkzbC7Ci40dQNf_-8s2CweN_PncP32tJxX65ByiaHAPJGMMWcCdUNSUKKxEJloyhJTmZaY6FxLFLJRRFiqDDWREJqU1oXK0llw-3d7Vq9_nNmRO9SnBPU5QXoEbiVX2w</recordid><startdate>20230729</startdate><enddate>20230729</enddate><creator>Wang, Jin</creator><creator>Huang, Zishan</creator><creator>Xiao, Hui</creator><creator>Xiao, Yinhao</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20230729</creationdate><title>JFinder: A Novel Architecture for Java Vulnerability Identification Based Quad Self-Attention and Pre-training Mechanism</title><author>Wang, Jin ; Huang, Zishan ; Xiao, Hui ; Xiao, Yinhao</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a675-15627e50e415fba71a2f58141b995373952f6f7517bdaa59d45faa11fadff8d43</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Computer Science - Cryptography and Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Wang, Jin</creatorcontrib><creatorcontrib>Huang, Zishan</creatorcontrib><creatorcontrib>Xiao, Hui</creatorcontrib><creatorcontrib>Xiao, Yinhao</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Wang, Jin</au><au>Huang, Zishan</au><au>Xiao, Hui</au><au>Xiao, Yinhao</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>JFinder: A Novel Architecture for Java Vulnerability Identification Based Quad Self-Attention and Pre-training Mechanism</atitle><date>2023-07-29</date><risdate>2023</risdate><abstract>Software vulnerabilities pose significant risks to computer systems,
impacting our daily lives, productivity, and even our health. Identifying and
addressing security vulnerabilities in a timely manner is crucial to prevent
hacking and data breaches. Unfortunately, current vulnerability identification
methods, including classical and deep learning-based approaches, exhibit
critical drawbacks that prevent them from meeting the demands of the
contemporary software industry. To tackle these issues, we present JFinder, a
novel architecture for Java vulnerability identification that leverages quad
self-attention and pre-training mechanisms to combine structural information
and semantic representations. Experimental results demonstrate that JFinder
outperforms all baseline methods, achieving an accuracy of 0.97 on the CWE
dataset and an F1 score of 0.84 on the PROMISE dataset. Furthermore, a case
study reveals that JFinder can accurately identify four cases of
vulnerabilities after patching.</abstract><doi>10.48550/arxiv.2307.15915</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.2307.15915 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_2307_15915 |
| source | arXiv.org |
| subjects | Computer Science - Cryptography and Security |
| title | JFinder: A Novel Architecture for Java Vulnerability Identification Based Quad Self-Attention and Pre-training Mechanism |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-03T19%3A42%3A32IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=JFinder:%20A%20Novel%20Architecture%20for%20Java%20Vulnerability%20Identification%20Based%20Quad%20Self-Attention%20and%20Pre-training%20Mechanism&rft.au=Wang,%20Jin&rft.date=2023-07-29&rft_id=info:doi/10.48550/arxiv.2307.15915&rft_dat=%3Carxiv_GOX%3E2307_15915%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |