Source code vulnerability detection method based on multi-relational graph

Source code vulnerability detection method based on multi-relational graph

A source code vulnerability detection method based on a multi-relational graph comprises the steps that firstly, a C language source code data set is obtained through segmentation from a standard vulnerability database SARD and NVD data set, AST is generated with the help of Joern, and program slice...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: ZHANG XUEJUN, GUO MEIFENG, ZHANG BIN, ZHOU BO, ZENG YUCHEN, CHEN ZHUO, LIANG SHUBIN, ZHANG YIFAN
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A source code vulnerability detection method based on a multi-relational graph comprises the steps that firstly, a C language source code data set is obtained through segmentation from a standard vulnerability database SARD and NVD data set, AST is generated with the help of Joern, and program slices of the AST are obtained; secondly, in order to capture additional grammar information of the AST, a compiler is used for adding an edge carrying additional information to the AST for expansion so as to enhance the structure and connectivity of the AST, and then the enhanced AST is converted into a multi-relation graph; and finally, constructing a multi-relational graph attention network learning embedded vector. A graph attention network is used for extracting a plurality of code relations from a source code, an adjacent matrix and an initial node representation of a multi-relation graph are used for learning a global embedding vector, and the global embedding vector is normalized and fed to a softmax layer for p