摘要
针对漏洞检测领域面临的实验平台不统一、数据集异构等问题,研究词向量模型在C/C++函数漏洞检测方面的应用.用5种词向量模型对源代码生成的抽象语法树结构进行知识表示,用6种神经网络模型进行漏洞检测,实验结果表明,函数级代码具有浅层的语义关系,代码块内部联系紧密.
Aiming at the problems of non-uniform experimental platforms and heterogeneous datasets faced in the field of vulnerability detection,we studied the application of word vector models in C/C++function vulnerability detection.Five word vector models were used for the knowledge representation of the abstract syntax tree structure generated by the source code,and six neural network models were used for vulnerability detection.The experimental results show that function-level code has shallow semantic relationships and tight connections within code blocks.
作者
肖巍
胡景浩
侯正章
王涛
潘超
XIAO Wei;HU Jinghao;HOU Zhengzhang;WANG Tao;PAN Chao(School of Computer Science and Engineering,Changchun University of Technology,Changchun 130012,China;College of Software,Jilin University,Changchun 130012,China)
出处
《吉林大学学报(理学版)》
CAS
北大核心
2023年第6期1358-1366,共9页
Journal of Jilin University:Science Edition
基金
吉林省教育厅科学技术研究项目(批准号:JJKH20220691KJ)。
关键词
词向量模型
漏洞检测
抽象语法树
代码表征
神经网络
word vector model
vulnerability detection
abstract syntax tree
code representation
neural network
