物联网学报2025,Vol.9Issue(4):125-136,12.DOI:10.11959/j.issn.2096-3750.2025.00519
基于时间因子优化的低空物联网第三方库漏洞轻量化识别方法
Time factor-optimized lightweight identification method for third-party library vulnerabilities in low-altitude IoT
高燕 1罗琴2
作者信息
- 1. 中国电子科技集团公司第三十研究所,四川 成都 610000
- 2. 西南石油大学计算机与软件学院,四川 成都 610000
- 折叠
摘要
Abstract
The core functions of low-altitude Internet of things(IoT),such as communication and navigation heavily rely on third-party libraries.Vulnerabilities in third-party libraries can lead to significant risks such as drone loss of control and data leakage.To address the limitations of existing vulnerability identification methods,such as difficul-ties in promptly detecting vulnerabilities in newly migrated libraries and inefficiencies when running on resource-constrained IoT devices,a migration library vulnerability identification method based on time factor optimization was proposed.By deeply mining migration information from open-source projects,six metrics,including temporal support and label sup-port,were constructed to screen novel and lightweight migration libraries.A streamlined transformer model was em-ployed to detect vulnerabilities in the selected libraries,which reduced the computational burden on edge devices and en-abled light-weight yet accurate vulnerability identification.Experimental results demonstrated that the proposed method achieved an average F1-score of 0.78 in vulnerability identification tasks,outperforming mainstream approaches by more than 10%.Training time was reduced by approximately 58%,and the average prediction time was only 4.7 ms.The method effectively enhanced both the security and real-time performance of library migration in low-altitude scenarios,providing efficient protection for low-altitude IoT devices.关键词
低空物联网/第三方库/漏洞识别/时间因子Key words
low-altitude IoT/third-party libraries/vulnerability identification/time factor分类
信息技术与安全科学引用本文复制引用
高燕,罗琴..基于时间因子优化的低空物联网第三方库漏洞轻量化识别方法[J].物联网学报,2025,9(4):125-136,12.
