Affiliation:
1. School of Cyber Science and Engineering, Sichuan University, Chengdu 610207, China
Abstract
With the increasing use of open-source libraries and secondary development, software projects face security vulnerabilities. Existing studies on source code vulnerability detection rely on natural language processing techniques, but they overlook the intricate dependencies in programming languages. To address this, we propose a framework called Context and Multi-Features-based Vulnerability Detection (CMFVD). CMFVD integrates source code graphs and textual sequences, using a novel slicing method called Context Slicing to capture contextual information. The framework combines graph convolutional networks (GCNs) and bidirectional gated recurrent units (BGRUs) with attention mechanisms to extract local semantic and syntactic information. Experimental results on Software Assurance Reference Datasets (SARDs) demonstrate CMFVD’s effectiveness, achieving the highest F1-score of 0.986 and outperforming other models. CMFVD offers a promising approach to identifying and rectifying security flaws in large-scale codebases.