Cargando…
SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes
Vulnerability detection technology has become a hotspot in the field of software security, and most of the current methods do not have a complete consideration during code characterizing, which leads to problems such as information loss. Therefore, this paper proposes one class of Scalable Feature N...
| Autores principales: | , , , , , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Hindawi
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9391134/ https://www.ncbi.nlm.nih.gov/pubmed/35990141 http://dx.doi.org/10.1155/2022/2998448 |
| _version_ | 1784770804542603264 |
|---|---|
| author | Guo, Junjun Wang, Zhengyuan Zhang, Li Xue, Yang Long, Kai Jing, Xin Cheng, Jing Li, Guiping |
| author_facet | Guo, Junjun Wang, Zhengyuan Zhang, Li Xue, Yang Long, Kai Jing, Xin Cheng, Jing Li, Guiping |
| author_sort | Guo, Junjun |
| collection | PubMed |
| description | Vulnerability detection technology has become a hotspot in the field of software security, and most of the current methods do not have a complete consideration during code characterizing, which leads to problems such as information loss. Therefore, this paper proposes one class of Scalable Feature Network (SFN), a composite feature extraction method based on Continuous Bag of Words and Convolutional Neural Network. In addition, to characterize the source code more comprehensively, we construct multiscale code metrics in terms of semantic-, line-, and function granularity. In order to verify the effectiveness of the SFN, this paper builds a Scalable Vulnerability Detection Model (SVDM) by combining SFN with Bi-LSTM. The experimental results show that the proposed SVDM can obtain precision over 84.3% and recall at 83.4%, respectively, while both FNR and FPR are less than 17%. |
| format | Online Article Text |
| id | pubmed-9391134 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | Hindawi |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-93911342022-08-20 SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes Guo, Junjun Wang, Zhengyuan Zhang, Li Xue, Yang Long, Kai Jing, Xin Cheng, Jing Li, Guiping Comput Intell Neurosci Research Article Vulnerability detection technology has become a hotspot in the field of software security, and most of the current methods do not have a complete consideration during code characterizing, which leads to problems such as information loss. Therefore, this paper proposes one class of Scalable Feature Network (SFN), a composite feature extraction method based on Continuous Bag of Words and Convolutional Neural Network. In addition, to characterize the source code more comprehensively, we construct multiscale code metrics in terms of semantic-, line-, and function granularity. In order to verify the effectiveness of the SFN, this paper builds a Scalable Vulnerability Detection Model (SVDM) by combining SFN with Bi-LSTM. The experimental results show that the proposed SVDM can obtain precision over 84.3% and recall at 83.4%, respectively, while both FNR and FPR are less than 17%. Hindawi 2022-08-12 /pmc/articles/PMC9391134/ /pubmed/35990141 http://dx.doi.org/10.1155/2022/2998448 Text en Copyright © 2022 Junjun Guo et al. https://creativecommons.org/licenses/by/4.0/This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. |
| spellingShingle | Research Article Guo, Junjun Wang, Zhengyuan Zhang, Li Xue, Yang Long, Kai Jing, Xin Cheng, Jing Li, Guiping SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes |
| title | SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes |
| title_full | SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes |
| title_fullStr | SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes |
| title_full_unstemmed | SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes |
| title_short | SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes |
| title_sort | sfn: a novel scalable feature network for vulnerability representation of open-source codes |
| topic | Research Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9391134/ https://www.ncbi.nlm.nih.gov/pubmed/35990141 http://dx.doi.org/10.1155/2022/2998448 |
| work_keys_str_mv | AT guojunjun sfnanovelscalablefeaturenetworkforvulnerabilityrepresentationofopensourcecodes AT wangzhengyuan sfnanovelscalablefeaturenetworkforvulnerabilityrepresentationofopensourcecodes AT zhangli sfnanovelscalablefeaturenetworkforvulnerabilityrepresentationofopensourcecodes AT xueyang sfnanovelscalablefeaturenetworkforvulnerabilityrepresentationofopensourcecodes AT longkai sfnanovelscalablefeaturenetworkforvulnerabilityrepresentationofopensourcecodes AT jingxin sfnanovelscalablefeaturenetworkforvulnerabilityrepresentationofopensourcecodes AT chengjing sfnanovelscalablefeaturenetworkforvulnerabilityrepresentationofopensourcecodes AT liguiping sfnanovelscalablefeaturenetworkforvulnerabilityrepresentationofopensourcecodes |