LLVM-based vulnerability fine-grained positioning method

LLVM-based vulnerability fine-grained positioning method

The invention relates to a vulnerability fine-grained positioning method based on LLVM. The method comprises the following steps: (1) constructing an abstract syntax tree of a source code: generating the abstract syntax tree of the source code by using a front-end tool Clang based on LLVM; four type...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: ZHANG YIYUN, ZHANG XUEJUN, ZHANG LEI, LIU DONGQING, ZHOU BO, ZHANG XUN, BAI WANRONG, WANG DI, ZHAO JINXIONG, WEI FENG, DU CHAOBEN
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention relates to a vulnerability fine-grained positioning method based on LLVM. The method comprises the following steps: (1) constructing an abstract syntax tree of a source code: generating the abstract syntax tree of the source code by using a front-end tool Clang based on LLVM; four types of vulnerability code features are defined respectively; (2) feature extraction; (3) model training: i, obtaining a sensitive intermediate code snippet, and generating IRVCs; ii, performing data vectorization representation based on a word embedding model; iii, training a vulnerability fine-grained positioning model: taking the vectorized representation of the obtained fine-grained program slice IRVCs containing vulnerability position information as the input of a BGRU model, establishing a BGRU-based vulnerability fine-grained positioning model, adding a fusion layer into the model, sequentially adding a K-max pooling layer and an average pooling layer behind the fusion layer to jointly realize granularity refin