SVulDetector: Vulnerability detection based on similarity using tree-based attention and weighted graph embedding mechanisms

计算机科学 脆弱性(计算) 编码(集合论) 图形 钥匙(锁) 嵌入 图嵌入 数据挖掘 理论计算机科学 人工智能 计算机安全 程序设计语言 集合(抽象数据类型)
作者
Weining Zheng,Xiaohong Su,Hongwei Wei,Wenxin Tao
出处
期刊:Computers & Security [Elsevier BV]
卷期号:144: 103930-103930
标识
DOI:10.1016/j.cose.2024.103930
摘要

Vulnerability detection by comparing similarities with known vulnerable code is an important method for improving code security, and is particularly effective in detecting vulnerabilities caused by code reuse. However, vulnerability detection is made difficult by the existence of some different and vulnerability-unrelated statements between codes with the same vulnerability pattern, as well as the small differences between vulnerable and fixed non-vulnerable codes. To address these challenges, we believe that more attention needs to be paid to some core syntactic and semantic information about vulnerabilities, which can help models more accurately identify vulnerable code. Hence, we propose a novel code-similarity-based vulnerability detection approach named SVulDetector. First, it contains a new code representation, called Sliced Composite Graphs (SCGs), which can represent rich syntactic and semantic information related to vulnerable statements while minimizing the interference from similar vulnerability irrelevant information as much as possible. Next, a tree-based attention mechanism is used to highlight certain key syntactic information in vulnerable code and fixed non-vulnerable code. Finally, SVulDetector highlights key vulnerable node information in the graph-based code representation via a weighted graph embedding mechanism. We extensively evaluated SVulDetector on an improved real-world dataset using both binary classification and multi-class vulnerability detection tasks, and the proposed SVulDetector outperforms existing state-of-the-art detection methods.
最长约 10秒,即可获得该文献文件

科研通智能强力驱动
Strongly Powered by AbleSci AI
更新
PDF的下载单位、IP信息已删除 (2025-6-4)

科研通是完全免费的文献互助平台,具备全网最快的应助速度,最高的求助完成率。 对每一个文献求助,科研通都将尽心尽力,给求助人一个满意的交代。
实时播报
城南花已开完成签到,获得积分10
1秒前
wickedzz完成签到,获得积分10
1秒前
1秒前
2秒前
yanm发布了新的文献求助10
2秒前
哈哈哈哈哈完成签到,获得积分10
2秒前
青黄应助外向半梅采纳,获得10
2秒前
木头发布了新的文献求助10
3秒前
淡定翠桃完成签到,获得积分20
3秒前
CipherSage应助隐形的文昊采纳,获得10
3秒前
3秒前
晓天完成签到,获得积分10
3秒前
精明曼荷完成签到,获得积分10
3秒前
22发布了新的文献求助10
4秒前
方圆几里完成签到,获得积分10
5秒前
小二郎应助tcf采纳,获得10
5秒前
卷王完成签到,获得积分10
5秒前
lihua完成签到,获得积分20
5秒前
欢喜的小天鹅完成签到 ,获得积分10
5秒前
大模型应助xiaobizaizhi233采纳,获得10
6秒前
小马甲应助KX2024采纳,获得10
7秒前
彩色蘑菇完成签到,获得积分10
7秒前
时尚语梦完成签到 ,获得积分10
7秒前
莹0000发布了新的文献求助10
7秒前
悟空发布了新的文献求助20
7秒前
彭于晏应助chen采纳,获得10
7秒前
02完成签到,获得积分10
8秒前
Yiya完成签到 ,获得积分10
8秒前
jignjing完成签到,获得积分10
9秒前
清脆又蓝完成签到,获得积分20
10秒前
飘逸宛丝完成签到,获得积分10
10秒前
Jasper应助风风风采纳,获得10
10秒前
20250702完成签到 ,获得积分10
11秒前
绿兔子完成签到,获得积分10
11秒前
星辰完成签到,获得积分10
11秒前
genova完成签到,获得积分10
11秒前
李明完成签到,获得积分10
11秒前
ElbingX驳回了dodo应助
12秒前
笛卡尔完成签到,获得积分10
12秒前
12秒前
高分求助中
【提示信息,请勿应助】关于scihub 10000
A new approach to the extrapolation of accelerated life test data 1000
徐淮辽南地区新元古代叠层石及生物地层 500
Coking simulation aids on-stream time 450
北师大毕业论文 基于可调谐半导体激光吸收光谱技术泄漏气体检测系统的研究 390
Phylogenetic study of the order Polydesmida (Myriapoda: Diplopoda) 370
Robot-supported joining of reinforcement textiles with one-sided sewing heads 360
热门求助领域 (近24小时)
化学 材料科学 医学 生物 工程类 有机化学 生物化学 物理 内科学 纳米技术 计算机科学 化学工程 复合材料 遗传学 基因 物理化学 催化作用 冶金 细胞生物学 免疫学
热门帖子
关注 科研通微信公众号,转发送积分 4016130
求助须知:如何正确求助?哪些是违规求助? 3556145
关于积分的说明 11320169
捐赠科研通 3289087
什么是DOI,文献DOI怎么找? 1812382
邀请新用户注册赠送积分活动 887923
科研通“疑难数据库(出版商)”最低求助积分说明 812051