网络与信息安全学报 (Chinese Journal of Network and Information Security), 2025, Vol. 11, Issue (6): 36-62, 27. DOI: 10.11959/j.issn.2096-109x.2025065
Research progress on detection of software vulnerabilities based on code similarity
Abstract
Software vulnerabilities have long been a key threat to the field of network and information security, and vulnerability detection is the primary technical means to mitigate such threats. Vulnerability detection based on code similarity offers the advantages of scalability and low cost. Combined with artificial intelligence technologies such as graph neural networks and recurrent neural networks, its accuracy and applicability are further enhanced, making it a research hotspot in this field. This paper systematically reviews the progress of software vulnerability detection based on code similarity in the past seven years. From the perspective of datasets, it analyzes the categories, granularity, scale, and balance of vulnerability sample datasets. From the perspective of code preprocessing, it summarizes two types of methods: code cleaning and standardization, and disassembly and intermediate language representation. From the perspective of code representation, it categorizes six schemes, based on code snippets, hashes, trees, graphs, metrics, and hybrid representations, describing their detection mechanisms, advantages and disadvantages, and applicable scenarios, and compares their detection performance and overhead under unified evaluation metrics. Furthermore, it distills the categories and characteristics of the machine learning techniques employed. Finally, it summarizes the challenges faced by this research and looks forward to future research directions.
Keywords
vulnerability detection/code similarity/machine learning/code representation/graph neural network/recurrent neural network
Classification
Information technology and security science
Cite this article
LI Qinghao, LIU Chunling, TANG Yonghe, DONG Weiyu. Research progress on detection of software vulnerabilities based on code similarity [J]. Chinese Journal of Network and Information Security, 2025, 11(6): 36-62, 27.
Funding
The Key R&D Special Program of Henan Province (221111210300)