| Software vulnerability is the main threat to information system security.It is mainly because of the high complexity of software.With the explosive growth of the number of software,automated software vulnerability mining technology is an imperative trend.However,the current vulnerability detection is still mainly based on the experience of security engineers,so there exists some disadvantages such as low batch processing efficiency and unstable vulnerability detection rate.This paper studies the artificial intelligence-based vulnerability mining method.By training a large number of vulnerability code samples,the semantics,structure and instruction features of the vulnerability code can be learned,so that the suspicious code can be automatically located.The artificial intelligence-based vulnerability mining in this paper is divided into the following three aspects:(1)Code slicing based on sensitive functions,using bidirectional recurrent neural network to train code,and extracting static semantic features of vulnerability code;(2)Constructing a control flow graph of the program based on intermediate language,combining the structural features of the graph with the semantic features of the intermediate representation,and learning the static features of the vulnerability code;(3)For the executable programs,using the dynamic instrumentation tool to obtain the instruction sequence in the code execution process,and learning the dynamic execution features of vulnerability code.In this paper,a database containing about 180,000 samples of vulnerability code is built.An automated model for detecting vulnerabilities is designed.The accuracy of static detection of vulnerability code can reach up to 90%,and the accuracy of dynamic detection can be over 95%.The detection model improves the automated discovery capabilities and analysis efficiency of software high-risk vulnerabilities. |
PDF Full Text Request