• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>IEEE transactions on dependable and secure computing >$mu$μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection
【24h】

$mu$μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

机译:<内联公式> $ mu $ <替代品> μ “/ renternatives”/ leinline-formula pernvepecker:基于深入的学习系统,用于多级漏洞检测

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Fine-grained software vulnerability detection is an important and challenging problem. Ideally, a detection system (or detector) not only should be able to detect whether or not a program contains vulnerabilities, but also should be able to pinpoint the type of a vulnerability in question. Existing vulnerability detection methods based on deep learning can detect the presence of vulnerabilities (i.e., addressing the binary classification or detection problem), but cannot pinpoint types of vulnerabilities (i.e., incapable of addressing multiclass classification). In this paper, we propose the first deep learning-based system for multiclass vulnerability detection, dubbed mu VulDeePecker. The key insight underlying mu VulDeePecker is the concept of code attention, which can capture information that can help pinpoint types of vulnerabilities, even when the samples are small. For this purpose, we create a dataset from scratch and use it to evaluate the effectiveness of mu VulDeePecker. Experimental results show that mu VulDeePecker is effective for multiclass vulnerability detection and that accommodating control-dependence (other than data-dependence) can lead to higher detection capabilities.
机译:细粒度软件漏洞检测是一个重要且挑战性的问题。理想情况下,检测系统(或探测器)不仅应该能够检测程序是否包含漏洞,还应该能够确定有问题的漏洞的类型。基于深度学习的现有漏洞检测方法可以检测漏洞的存在(即,解决二进制分类或检测问题),但不能针对漏洞的类型(即,无法寻址多字数分类)。在本文中,我们提出了一种基于深度学习的多级漏洞检测系统,称为Mu Vuldeeper。 Mu Vuldeeper的关键洞察力是代码注意的概念,它可以捕获有助于确定漏洞类型的信息,即使样本很小。为此目的,我们从头开始创建一个数据集,并使用它来评估MU vuldeepecter的有效性。实验结果表明,MU vuldeepercer对多种多组漏洞检测有效,并且容纳控制依赖性(除数据依赖性)可能导致更高的检测能力。

著录项

  • 来源
  • 作者

    Zou Deqing; Wang Sujuan; Xu Shouhuai; Li Zhen; Jin Hai;

  • 作者单位

    Huazhong Univ Sci & Technol Natl Engn Res Ctr Big Data Technol & Syst Big Data Secur Engn Res Ctr Cluster & Grid Comp L Sch Cyber Sci & Engn Serv Comp Technol & Syst Lab Wuhan 430074 Hubei Peoples R China|Shenzhen Huazhong Univ Sci & Technol Res Inst Shenzhen 518057 Peoples R China;

    Huazhong Univ Sci & Technol Natl Engn Res Ctr Big Data Technol & Syst Big Data Secur Engn Res Ctr Cluster & Grid Comp L Sch Cyber Sci & Engn Serv Comp Technol & Syst Lab Wuhan 430074 Hubei Peoples R China;

    Univ Texas San Antonio Dept Comp Sci San Antonio TX 78249 USA;

    Huazhong Univ Sci & Technol Natl Engn Res Ctr Big Data Technol & Syst Big Data Secur Engn Res Ctr Cluster & Grid Comp L Sch Cyber Sci & Engn Serv Comp Technol & Syst Lab Wuhan 430074 Hubei Peoples R China;

    Huazhong Univ Sci & Technol Natl Engn Res Ctr Big Data Technol & Syst Big Data Secur Engn Res Ctr Cluster & Grid Comp L Sch Cyber Sci & Engn Serv Comp Technol & Syst Lab Wuhan 430074 Hubei Peoples R China;

  • 收录信息
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    Vulnerability detection; multiclass classification; data-dependence; control-dependence; code gadget; code attention; deep learning;

    机译:漏洞检测;多种分类;数据依赖;控制依赖;代码小工具;代码注意;深入学习;

相似文献

  • 外文文献
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号