信息安全研究2024,Vol.10Issue(5):440-445,6.DOI:10.12379/j.issn.2096-1057.2024.05.07
基于小样本学习的源码漏洞检测
Source Code Vulnerability Detection Based on Few-shot Learning
陈洪森 1方勇 1郝城凌 1杨运涛 1张棋2
作者信息
- 1. 四川大学网络空间安全学院 成都 610207
- 2. 成都市互联网信息中心 成都 610041
- 折叠
摘要
Abstract
Source code vulnerability detection is an important means to discover and localize threats to critical systems.At present,the application of deep learning techniques to source generation vulnerability detection has become a research hotspot.However,due to the lack of source code vulnerability samples,limited data condition resources lead to the poor effect of existing source code vulnerability detection methods in small sample scenarios.In this paper,we propose a source code vulnerability detection method based on few-shot learning,which aims to provide a solution for source code vulnerability detection scenarios with limited sample size.The method in this paper consists of four key components:source code slicing and encoding,meta-learning based dataset processing,vulnerability class vector generation based on dynamic routing algorithms,and vulnerability class vector matching based on neural tensor networks.This paper's method is compared with convolutional neural network,prototype network,and relational network,and the experimental results show that this paper's method outperforms the others in terms of accuracy,and can effectively cope with the problem of sparse vulnerability samples in source code.In the case of 2-way 5-shot and 2-way 10-shot,this paper's method achieves 93.92%and 95.08%accuracy,respectively.关键词
小样本学习/漏洞检测/归纳网络/代码切片/元学习Key words
few-shot learning/vulnerability detection/induction network/code slicing/meta-learning分类
信息技术与安全科学引用本文复制引用
陈洪森,方勇,郝城凌,杨运涛,张棋..基于小样本学习的源码漏洞检测[J].信息安全研究,2024,10(5):440-445,6.
