| 注册
首页|期刊导航|信息安全研究|基于小样本学习的源码漏洞检测

基于小样本学习的源码漏洞检测

陈洪森 方勇 郝城凌 杨运涛 张棋

信息安全研究2024,Vol.10Issue(5):440-445,6.
信息安全研究2024,Vol.10Issue(5):440-445,6.DOI:10.12379/j.issn.2096-1057.2024.05.07

基于小样本学习的源码漏洞检测

Source Code Vulnerability Detection Based on Few-shot Learning

陈洪森 1方勇 1郝城凌 1杨运涛 1张棋2

作者信息

  • 1. 四川大学网络空间安全学院 成都 610207
  • 2. 成都市互联网信息中心 成都 610041
  • 折叠

摘要

Abstract

Source code vulnerability detection is an important means to discover and localize threats to critical systems.At present,the application of deep learning techniques to source generation vulnerability detection has become a research hotspot.However,due to the lack of source code vulnerability samples,limited data condition resources lead to the poor effect of existing source code vulnerability detection methods in small sample scenarios.In this paper,we propose a source code vulnerability detection method based on few-shot learning,which aims to provide a solution for source code vulnerability detection scenarios with limited sample size.The method in this paper consists of four key components:source code slicing and encoding,meta-learning based dataset processing,vulnerability class vector generation based on dynamic routing algorithms,and vulnerability class vector matching based on neural tensor networks.This paper's method is compared with convolutional neural network,prototype network,and relational network,and the experimental results show that this paper's method outperforms the others in terms of accuracy,and can effectively cope with the problem of sparse vulnerability samples in source code.In the case of 2-way 5-shot and 2-way 10-shot,this paper's method achieves 93.92%and 95.08%accuracy,respectively.

关键词

小样本学习/漏洞检测/归纳网络/代码切片/元学习

Key words

few-shot learning/vulnerability detection/induction network/code slicing/meta-learning

分类

信息技术与安全科学

引用本文复制引用

陈洪森,方勇,郝城凌,杨运涛,张棋..基于小样本学习的源码漏洞检测[J].信息安全研究,2024,10(5):440-445,6.

信息安全研究

OA北大核心CSTPCD

2096-1057

访问量0
|
下载量0
段落导航相关论文