SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes

Bibliographic Details
Main authors: Guo, Junjun; Wang, Zhengyuan; Zhang, Li; Xue, Yang; Long, Kai; Jing, Xin; Cheng, Jing; Li, Guiping
Format: Online Article Text
Language: English
Published: Hindawi 2022
Subjects:
Online access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9391134/
https://www.ncbi.nlm.nih.gov/pubmed/35990141
http://dx.doi.org/10.1155/2022/2998448
Description
Summary: Vulnerability detection technology has become a hotspot in the field of software security, and most of the current methods do not have a complete consideration during code characterizing, which leads to problems such as information loss. Therefore, this paper proposes one class of Scalable Feature Network (SFN), a composite feature extraction method based on Continuous Bag of Words and Convolutional Neural Network. In addition, to characterize the source code more comprehensively, we construct multiscale code metrics in terms of semantic-, line-, and function granularity. In order to verify the effectiveness of the SFN, this paper builds a Scalable Vulnerability Detection Model (SVDM) by combining SFN with Bi-LSTM. The experimental results show that the proposed SVDM can obtain precision over 84.3% and recall at 83.4%, respectively, while both FNR and FPR are less than 17%.