基于图神经网络的工业软件安全漏洞检测方法
投稿时间:2024-02-26  修订日期:2024-04-11  点此下载全文
引用本文:
摘要点击次数: 43
全文下载次数: 0
作者单位邮编
刘勇辰* 上海宝驰信医药科技有限公司 200443
中文摘要:摘要:现有深度学习技术在漏洞检测任务中具有一定缺陷,例如常常因未充分保留代码的完整信息而导致检测效果不佳。基于此,研究提出了一种基于改进图神经网络的漏洞检测方法,旨在全面提升漏洞检测的效率和精度。首先将源代码数据转换成文本信息,然后在传统的图神经网络中加入卷积注意力机制提高特征向量的敏感度,最终搭建了漏洞检测模型并对其性能进行了测试。研究结果表明,所提出的漏洞检测模型在训练集和验证集中分别能取得99.06%和98.58%的平均检测精度,其均方误差低至1.08。在实际应用中,该模型的误报率和漏报率分别低至0.02%和0.01%。由此可见所搭建的漏洞检测模型具有较好的检测性能,能够有效完成漏洞检测任务。
中文关键词:关键词:漏洞数据  GNN  图结构  检测  软件安全
 
A graph neural network-based approach to industrial software security vulnerability detection
Abstract:Abstract: Existing deep learning techniques have certain shortcomings in the vulnerability detection task, such as often poor detection results due to insufficient retention of the complete information of the code. Based on this, the study proposes a vulnerability detection method based on improved graph neural networks, aiming to comprehensively improve the efficiency and accuracy of vulnerability detection. Firstly, the source code data is converted into textual information, and then a convolutional attention mechanism is added to the traditional graph neural network to improve the sensitivity of the feature vectors, and finally the vulnerability detection model is constructed and its performance is tested. The results show that the proposed vulnerability detection model can achieve an average detection accuracy of 99.06% and 98.58% in the training set and validation set, respectively, and its mean square error is as low as 1.08. In practical applications, the false alarm rate and the leakage rate of the model are as low as 0.02% and 0.01%, respectively. This shows that the constructed vulnerability detection model has good detection performance and can effectively accomplish the vulnerability detection task.
keywords:Keywords: Vulnerability data  GNN  Graph structure  Detection  Software security
查看全文   查看/发表评论   下载pdf阅读器