四川大学学报(自然科学版)2024,Vol.61Issue(4):163-171,9.DOI:10.19907/j.0490-6756.2024.042008
一种基于强化学习的软件安全实体关系预测方法
A method for predicting software security entity relationships based on reinforcement learning
摘要
Abstract
Existing methods for entity relation prediction in translation-based software security knowledge graph lack interpretability,while those based on path reasoning exhibit low accuracy.To alleviate this issue,a reinforcement learning-based prediction method is proposed.This method first represents the structural in-formation and descriptive information of the software security knowledge graph as low-dimensional vectors us-ing the TuckER model and SBERT model respectively.Then,it models the entity relation prediction process as a reinforcement learning process,integrating the scores computed by the TuckER model into the reward function of reinforcement learning.The method further employs input entity relation vectors to train the policy network of reinforcement learning.Finally,it utilizes beam search to obtain ranked lists of answer entities and corresponding inference paths.Experimental results demonstrate that this method provides relation paths for all predicted results.In link prediction experiments(h,r,?),the hit@5 is 0.426,hit@10 is 0.797,and MRR is 0.672.In fact prediction experiments,the accuracy is 0.802,and precision is 0.916.In terms of ac-curacy,compared with similar entity relation prediction models,this method shows varying degrees of im-provement.Furthermore,through interpretability analysis experiments,the interpretability of this method is validated.关键词
软件安全实体关系/强化学习/链接预测/知识图谱/可解释推理Key words
Software security entity relationship/Reinforcement learning/Link prediction/Knowledge graph/Explainable reasoning分类
计算机与自动化引用本文复制引用
杨鹏,刘亮,张磊,刘林,李子强,贾凯..一种基于强化学习的软件安全实体关系预测方法[J].四川大学学报(自然科学版),2024,61(4):163-171,9.基金项目
四川省科技计划项目资助(2022YFG0171) (2022YFG0171)
专职博士后研发基金资助(SCU221092) (SCU221092)
