Cold start method for source code vulnerability detection model based on improved differential evolution algorithm
Abstract: Source code vulnerability detection is an important research topic, but its traditional methods have many problems when facing large-scale code with diverse weaknesses, such as heavy manual involvement and weak ability to detect unknown vulnerabilities. To address these problems, this paper proposes a cold start optimization method for a source code vulnerability detection model, based on the syntactic and semantic information of open source code and an improved differential evolution algorithm. The method uses source code slicing, heuristic optimization algorithms and neural network models to solve the problem that hyperparameters cannot be accurately selected when the vulnerability detection model is first started. For the cases of redundant sample information and mixing of the distinctive features of positive and negative samples observed in the experiments, it proposes cross-exclusion of the distinctive features of positive and negative samples to reduce the model's false negative rate and false positive rate. Experiments show that the method effectively accelerates model convergence, making the model stable within 10 epochs. While improving the accuracy of the source code vulnerability detection model, its convergence speed is 2~3 times higher than that of other models. In the subsequent improvement experiments, the model's accuracy improved by 1~3 percentage points on every type of vulnerability, which fully proves the effectiveness of the improvement measures. The optimization strategies and improvement measures of this method are also applicable to other neural network classification models, and can provide ideas for exploring new methods and models in the field of vulnerability detection.
Authors: Yuan Zilong (袁子龙); Wu Qiuxin (吴秋新); Liu Ren (刘韧); Qin Yu (秦宇) (School of Applied Science, Beijing Information Science & Technology University, Beijing 100192, China; Beijing Excellent Network Security Technology Co., Ltd., Beijing 100192, China; Trusted Computing & Information Assurance Laboratory, Institute of Software, Chinese Academy of Science, Beijing 100190, China)
Source: Application Research of Computers (《计算机应用研究》), CSCD, Peking University Core Journal, 2023, Issue 7, pp. 2170-2178, 9 pages
Funding: Supported by the National Natural Science Foundation of China (61872343).
Keywords: syntax semantics; improved differential evolution; vulnerability detection; BiGRU
