Dual-granularity lightweight model for vulnerability code slicing method assessment

Aiming at the problems existing in the assessment of existing vulnerability code slicing method, such as incomplete extraction of slicing information, high model complexity and poor generalization ability, and no feedback in the evaluation process, a dual-granularity lightweight vulnerability code s...

Full description

Saved in:
Bibliographic Details
Main Authors: Bing ZHANG, Zheng WEN, Yuxuan ZHAO, Ning WANG, Jiadong REN
Format: Article
Language:zho
Published: Editorial Department of Journal on Communications 2021-11-01
Series:Tongxin xuebao
Subjects:
Online Access:http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021196/
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1841539174968066048
author Bing ZHANG
Zheng WEN
Yuxuan ZHAO
Ning WANG
Jiadong REN
author_facet Bing ZHANG
Zheng WEN
Yuxuan ZHAO
Ning WANG
Jiadong REN
author_sort Bing ZHANG
collection DOAJ
description Aiming at the problems existing in the assessment of existing vulnerability code slicing method, such as incomplete extraction of slicing information, high model complexity and poor generalization ability, and no feedback in the evaluation process, a dual-granularity lightweight vulnerability code slicing evaluation (VCSE) model was proposed.Aiming at the code snippet, a lightweight fusion model of TF-IDF and N-gram was constructed, which bypassed the OOV problem efficiently, and the semantic and statistical features of code slices were extracted based on the double granularity of words and characters.A heterogeneous integrated classifier with high accuracy and generalization performance was designed for vulnerability prediction and analysis.The experimental results show that the evaluation effect of lightweight VCSE is obviously better than that of the current widely used deep learning model.
format Article
id doaj-art-1b42b8cae15d4d17a344f444fb092ac3
institution Kabale University
issn 1000-436X
language zho
publishDate 2021-11-01
publisher Editorial Department of Journal on Communications
record_format Article
series Tongxin xuebao
spelling doaj-art-1b42b8cae15d4d17a344f444fb092ac32025-01-14T07:23:12ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2021-11-014223324159746368Dual-granularity lightweight model for vulnerability code slicing method assessmentBing ZHANGZheng WENYuxuan ZHAONing WANGJiadong RENAiming at the problems existing in the assessment of existing vulnerability code slicing method, such as incomplete extraction of slicing information, high model complexity and poor generalization ability, and no feedback in the evaluation process, a dual-granularity lightweight vulnerability code slicing evaluation (VCSE) model was proposed.Aiming at the code snippet, a lightweight fusion model of TF-IDF and N-gram was constructed, which bypassed the OOV problem efficiently, and the semantic and statistical features of code slices were extracted based on the double granularity of words and characters.A heterogeneous integrated classifier with high accuracy and generalization performance was designed for vulnerability prediction and analysis.The experimental results show that the evaluation effect of lightweight VCSE is obviously better than that of the current widely used deep learning model.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021196/code slicingvulnerability predictionout of vocabularylightweightassessment method
spellingShingle Bing ZHANG
Zheng WEN
Yuxuan ZHAO
Ning WANG
Jiadong REN
Dual-granularity lightweight model for vulnerability code slicing method assessment
Tongxin xuebao
code slicing
vulnerability prediction
out of vocabulary
lightweight
assessment method
title Dual-granularity lightweight model for vulnerability code slicing method assessment
title_full Dual-granularity lightweight model for vulnerability code slicing method assessment
title_fullStr Dual-granularity lightweight model for vulnerability code slicing method assessment
title_full_unstemmed Dual-granularity lightweight model for vulnerability code slicing method assessment
title_short Dual-granularity lightweight model for vulnerability code slicing method assessment
title_sort dual granularity lightweight model for vulnerability code slicing method assessment
topic code slicing
vulnerability prediction
out of vocabulary
lightweight
assessment method
url http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021196/
work_keys_str_mv AT bingzhang dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment
AT zhengwen dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment
AT yuxuanzhao dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment
AT ningwang dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment
AT jiadongren dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment