Computer Engineering and Applications, 2019, Vol. 55, Issue (11): 52-59, 8. DOI: 10.3778/j.issn.1002-8331.1809-0076
Combined Deep Learning Method for Open Source Software Vulnerability Detection
Abstract
To address the uneven quality and security risks of open source software, this paper proposes an open source software vulnerability detection method based on a hybrid deep learning model (DCnnGRU). A control flow graph is constructed with the key points in the vulnerability library as entry points, the code segments that have call and transfer relationships with those key points are extracted from the static code, and each code segment is digitized into a fixed-length feature vector that serves as the input to the DCnnGRU model. The model uses a Convolutional Neural Network (CNN) as the interface that interacts with the feature vector, and a Gated Recurrent Unit (GRU) is embedded in the middle of the CNN as a gating mechanism for capturing code call relationships. The DCnnGRU model first performs convolution and pooling, in which the convolution kernel and the pooling window reduce the dimensionality of the vector. Second, the GRU is embedded as an intermediate layer between the pooling layer and the fully connected layer, where it retains the call and transfer relationships between code data. Finally, the fully connected layer completes the normalization process, and the processed feature vector is sent to the softmax classifier for classification to obtain the output result. The experimental results verify that the DCnnGRU model has higher vulnerability detection capability than the CNN and RNN models alone: its accuracy is 7% higher than RNN and 3% higher than CNN.
Key words
open source software / vulnerability detection / deep learning / Convolutional Neural Network (CNN) / Gated Recurrent Unit (GRU)
Classification
Information Technology and Security Science
Cite this article
李元诚, 崔亚奇, 吕俊峰, 来风刚, 张攀. Combined Deep Learning Method for Open Source Software Vulnerability Detection[J]. Computer Engineering and Applications, 2019, 55(11): 52-59, 8.
Funding
Science and Technology Project of State Grid Corporation of China Headquarters (No. SGFJXT00YJJS1800074).