Source code vulnerability analysis method, device and equipment based on combination of semantics and graph representation
The invention belongs to the technical field of network security, and discloses a source code vulnerability analysis method, device and equipment based on combination of semantics and graph representation. According to the technical scheme, the method comprises the following steps that S1, a data se...
Gespeichert in:
| Hauptverfasser: | , , , , , , |
|---|---|
| Format: | Patent |
| Sprache: | chi ; eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | The invention belongs to the technical field of network security, and discloses a source code vulnerability analysis method, device and equipment based on combination of semantics and graph representation. According to the technical scheme, the method comprises the following steps that S1, a data set is obtained through the Internet; s2, performing natural language model training through the data set obtained in S1; s3, performing graph model training according to the data set obtained in S1; s4, performing classifier MLP training according to the natural language model training parameters and the graph model training parameters; s5, analyzing the vulnerabilities according to the classifier MLP training parameters, the vulnerability analysis accuracy is improved by using a mode based on combination of semantics and graph representation instead of a single representation mode, meanwhile, the semantic representation and the graph structure representation are fused by using an attention mechanism, the accuracy i |
|---|