SFN: A Novel Scalable Feature Network for Vulnerability Representation of Open-Source Codes.

Journal: Computational Intelligence and Neuroscience
Published Date:

Abstract

Vulnerability detection has become a hotspot in the field of software security, but most current methods do not characterize code comprehensively, which leads to problems such as information loss. This paper therefore proposes a class of Scalable Feature Network (SFN), a composite feature extraction method based on Continuous Bag of Words and a Convolutional Neural Network. In addition, to characterize the source code more comprehensively, we construct multiscale code metrics at semantic, line, and function granularity. To verify the effectiveness of the SFN, this paper builds a Scalable Vulnerability Detection Model (SVDM) by combining SFN with Bi-LSTM. The experimental results show that the proposed SVDM obtains precision over 84.3% and recall of 83.4%, while both the false negative rate (FNR) and the false positive rate (FPR) are less than 17%.

Authors

  • Junjun Guo
    School of Computer Science and Engineering, Xi'an Technological University, Xi'an, Shaanxi, China.
  • Zhengyuan Wang
    School of Computer Science and Engineering, Xi'an Technological University, Xi'an, Shaanxi, China.
  • Li Zhang
    Department of Animal Nutrition and Feed Science, College of Animal Science and Technology, Huazhong Agricultural University, Wuhan 430070, China.
  • Yang Xue
    State Key Laboratory of Oral and Maxillofacial Reconstruction and Regeneration, National Clinical Research Center for Oral Diseases, Shaanxi Clinical Research Center for Oral Diseases, Department of Oral and Maxillofacial Surgery, School of Stomatology, The Fourth Military Medical University, Xi'an, China.
  • Kai Long
    School of Computer Science and Engineering, Xi'an Technological University, Xi'an, Shaanxi, China.
  • Xin Jing
    Department of Critical Care Medicine, Shanghai Tenth People's Hospital, School of Medicine, Tongji University, Shanghai, 200072, People's Republic of China.
  • Jing Cheng
    Endoscopy Center and Endoscopy Research Institute, Zhongshan Hospital, Fudan University, Shanghai, China.
  • Guiping Li
    Department of Management Science and Engineering, Business School, Ningbo University, No. 818, Fenghua Road, Ningbo 315211, China.