Dual-granularity lightweight model for vulnerability code slicing method assessment
Aiming at the problems existing in the assessment of existing vulnerability code slicing method, such as incomplete extraction of slicing information, high model complexity and poor generalization ability, and no feedback in the evaluation process, a dual-granularity lightweight vulnerability code s...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2021-11-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021196/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539174968066048 |
|---|---|
| author | Bing ZHANG Zheng WEN Yuxuan ZHAO Ning WANG Jiadong REN |
| author_facet | Bing ZHANG Zheng WEN Yuxuan ZHAO Ning WANG Jiadong REN |
| author_sort | Bing ZHANG |
| collection | DOAJ |
| description | Aiming at the problems existing in the assessment of existing vulnerability code slicing method, such as incomplete extraction of slicing information, high model complexity and poor generalization ability, and no feedback in the evaluation process, a dual-granularity lightweight vulnerability code slicing evaluation (VCSE) model was proposed.Aiming at the code snippet, a lightweight fusion model of TF-IDF and N-gram was constructed, which bypassed the OOV problem efficiently, and the semantic and statistical features of code slices were extracted based on the double granularity of words and characters.A heterogeneous integrated classifier with high accuracy and generalization performance was designed for vulnerability prediction and analysis.The experimental results show that the evaluation effect of lightweight VCSE is obviously better than that of the current widely used deep learning model. |
| format | Article |
| id | doaj-art-1b42b8cae15d4d17a344f444fb092ac3 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2021-11-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-1b42b8cae15d4d17a344f444fb092ac32025-01-14T07:23:12ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2021-11-014223324159746368Dual-granularity lightweight model for vulnerability code slicing method assessmentBing ZHANGZheng WENYuxuan ZHAONing WANGJiadong RENAiming at the problems existing in the assessment of existing vulnerability code slicing method, such as incomplete extraction of slicing information, high model complexity and poor generalization ability, and no feedback in the evaluation process, a dual-granularity lightweight vulnerability code slicing evaluation (VCSE) model was proposed.Aiming at the code snippet, a lightweight fusion model of TF-IDF and N-gram was constructed, which bypassed the OOV problem efficiently, and the semantic and statistical features of code slices were extracted based on the double granularity of words and characters.A heterogeneous integrated classifier with high accuracy and generalization performance was designed for vulnerability prediction and analysis.The experimental results show that the evaluation effect of lightweight VCSE is obviously better than that of the current widely used deep learning model.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021196/code slicingvulnerability predictionout of vocabularylightweightassessment method |
| spellingShingle | Bing ZHANG Zheng WEN Yuxuan ZHAO Ning WANG Jiadong REN Dual-granularity lightweight model for vulnerability code slicing method assessment Tongxin xuebao code slicing vulnerability prediction out of vocabulary lightweight assessment method |
| title | Dual-granularity lightweight model for vulnerability code slicing method assessment |
| title_full | Dual-granularity lightweight model for vulnerability code slicing method assessment |
| title_fullStr | Dual-granularity lightweight model for vulnerability code slicing method assessment |
| title_full_unstemmed | Dual-granularity lightweight model for vulnerability code slicing method assessment |
| title_short | Dual-granularity lightweight model for vulnerability code slicing method assessment |
| title_sort | dual granularity lightweight model for vulnerability code slicing method assessment |
| topic | code slicing vulnerability prediction out of vocabulary lightweight assessment method |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021196/ |
| work_keys_str_mv | AT bingzhang dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment AT zhengwen dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment AT yuxuanzhao dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment AT ningwang dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment AT jiadongren dualgranularitylightweightmodelforvulnerabilitycodeslicingmethodassessment |