SVulDetector: Vulnerability detection based on similarity using tree-based attention and weighted graph embedding mechanisms

计算机科学 脆弱性(计算) 编码(集合论) 图形 钥匙(锁) 嵌入 图嵌入 数据挖掘 理论计算机科学 人工智能 计算机安全 程序设计语言 集合(抽象数据类型)
作者
Weining Zheng,Xiaohong Su,Hongwei Wei,Wenxin Tao
出处
期刊:Computers & Security [Elsevier BV]
卷期号:144: 103930-103930
标识
DOI:10.1016/j.cose.2024.103930
摘要

Vulnerability detection by comparing similarities with known vulnerable code is an important method for improving code security, and is particularly effective in detecting vulnerabilities caused by code reuse. However, vulnerability detection is made difficult by the existence of some different and vulnerability-unrelated statements between codes with the same vulnerability pattern, as well as the small differences between vulnerable and fixed non-vulnerable codes. To address these challenges, we believe that more attention needs to be paid to some core syntactic and semantic information about vulnerabilities, which can help models more accurately identify vulnerable code. Hence, we propose a novel code-similarity-based vulnerability detection approach named SVulDetector. First, it contains a new code representation, called Sliced Composite Graphs (SCGs), which can represent rich syntactic and semantic information related to vulnerable statements while minimizing the interference from similar vulnerability irrelevant information as much as possible. Next, a tree-based attention mechanism is used to highlight certain key syntactic information in vulnerable code and fixed non-vulnerable code. Finally, SVulDetector highlights key vulnerable node information in the graph-based code representation via a weighted graph embedding mechanism. We extensively evaluated SVulDetector on an improved real-world dataset using both binary classification and multi-class vulnerability detection tasks, and the proposed SVulDetector outperforms existing state-of-the-art detection methods.
最长约 10秒,即可获得该文献文件

科研通智能强力驱动
Strongly Powered by AbleSci AI
更新
PDF的下载单位、IP信息已删除 (2025-6-4)

科研通是完全免费的文献互助平台,具备全网最快的应助速度,最高的求助完成率。 对每一个文献求助,科研通都将尽心尽力,给求助人一个满意的交代。
实时播报
老阎应助科研通管家采纳,获得30
刚刚
orixero应助科研通管家采纳,获得10
1秒前
汉堡包应助科研通管家采纳,获得10
1秒前
1秒前
小马甲应助科研通管家采纳,获得10
1秒前
科研白菜白完成签到,获得积分10
1秒前
慕青应助科研通管家采纳,获得10
1秒前
大模型应助科研通管家采纳,获得10
1秒前
无花果应助科研通管家采纳,获得10
1秒前
英俊的铭应助科研通管家采纳,获得20
1秒前
1秒前
SciGPT应助科研通管家采纳,获得10
1秒前
科研乞丐应助科研通管家采纳,获得20
1秒前
jjj应助科研通管家采纳,获得20
1秒前
小二郎应助科研通管家采纳,获得10
1秒前
小马甲应助科研通管家采纳,获得30
1秒前
桐桐应助科研通管家采纳,获得10
1秒前
ding应助科研通管家采纳,获得10
1秒前
1秒前
烟花应助科研通管家采纳,获得10
1秒前
1秒前
1秒前
1秒前
充电宝应助科研通管家采纳,获得10
1秒前
zpt完成签到,获得积分10
2秒前
爱学习的瑞瑞子完成签到 ,获得积分10
2秒前
pauchiu完成签到,获得积分0
2秒前
jay完成签到,获得积分10
2秒前
3秒前
4秒前
5秒前
xixi完成签到 ,获得积分10
5秒前
杜熙完成签到,获得积分10
5秒前
7秒前
8秒前
gougoutu发布了新的文献求助10
9秒前
liugm发布了新的文献求助10
9秒前
泡沫发布了新的文献求助10
9秒前
mysong发布了新的文献求助10
10秒前
嘻嘻哈哈完成签到 ,获得积分10
10秒前
高分求助中
【提示信息,请勿应助】关于scihub 10000
Les Mantodea de Guyane: Insecta, Polyneoptera [The Mantids of French Guiana] 3000
徐淮辽南地区新元古代叠层石及生物地层 3000
The Mother of All Tableaux: Order, Equivalence, and Geometry in the Large-scale Structure of Optimality Theory 3000
Global Eyelash Assessment scale (GEA) 1000
Picture Books with Same-sex Parented Families: Unintentional Censorship 550
Research on Disturbance Rejection Control Algorithm for Aerial Operation Robots 500
热门求助领域 (近24小时)
化学 材料科学 医学 生物 工程类 有机化学 生物化学 物理 内科学 纳米技术 计算机科学 化学工程 复合材料 遗传学 基因 物理化学 催化作用 冶金 细胞生物学 免疫学
热门帖子
关注 科研通微信公众号,转发送积分 4038619
求助须知:如何正确求助?哪些是违规求助? 3576294
关于积分的说明 11375058
捐赠科研通 3306084
什么是DOI,文献DOI怎么找? 1819374
邀请新用户注册赠送积分活动 892698
科研通“疑难数据库(出版商)”最低求助积分说明 815066