Static detection method for multi-level network source code vulnerabilities based on knowledge graph technology
Abstract The current static detection method of network source code vulnerabilities mainly relies on the static analysis of binary code. However, due to the failure to fully simulate the actual operating environment of programs, some vulnerabilities that trigger only under specific conditions are di...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Springer
2025-06-01
|
| Series: | Discover Artificial Intelligence |
| Subjects: | |
| Online Access: | https://doi.org/10.1007/s44163-025-00347-0 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850111785904898048 |
|---|---|
| author | Peng Xiao Lina Zhang Ying Yan Zhenhong Zhang |
| author_facet | Peng Xiao Lina Zhang Ying Yan Zhenhong Zhang |
| author_sort | Peng Xiao |
| collection | DOAJ |
| description | Abstract The current static detection method of network source code vulnerabilities mainly relies on the static analysis of binary code. However, due to the failure to fully simulate the actual operating environment of programs, some vulnerabilities that trigger only under specific conditions are difficult to be found by static detection tools. This limitation increases the difficulty of static analysis. Therefore, a static detection method for multilevel network source code vulnerability based on knowledge graph technology is proposed. Web crawler technology is selected to collect and preprocess vulnerability data to avoid interference from network environment and malicious programs, which leads to redundancy and abnormal vulnerability data. By introducing knowledge graph information and combining word embedding with knowledge embedding, named entities are automatically identified from the preprocessed vulnerability data set. While adopting the joint embedding technology, we can integrate the word embedding and knowledge embedding more effectively, introducing an attention mechanism to enhance the weight of key information. Improve the effectiveness of the named entity identification. The identified named entities are taken as the basic nodes in the knowledge graph to build the multi-level network source code vulnerability knowledge graph, calculate the vulnerability attack error and attack loss, and quantitatively evaluate the accuracy of detection and the potential harm of vulnerabilities. The experimental results show that the proposed method can accurately detect the identification of named entities and vulnerabilities, and has certain positive significance to ensure the network security. |
| format | Article |
| id | doaj-art-7ac18488f56a42508ec1bb2c2f6559df |
| institution | OA Journals |
| issn | 2731-0809 |
| language | English |
| publishDate | 2025-06-01 |
| publisher | Springer |
| record_format | Article |
| series | Discover Artificial Intelligence |
| spelling | doaj-art-7ac18488f56a42508ec1bb2c2f6559df2025-08-20T02:37:33ZengSpringerDiscover Artificial Intelligence2731-08092025-06-015111310.1007/s44163-025-00347-0Static detection method for multi-level network source code vulnerabilities based on knowledge graph technologyPeng Xiao0Lina Zhang1Ying Yan2Zhenhong Zhang3Information Center of China Southern Power Grid Yunnan Power Grid Co., Ltd.Information Center of China Southern Power Grid Yunnan Power Grid Co., Ltd.Information Center of China Southern Power Grid Yunnan Power Grid Co., Ltd.Information Center of China Southern Power Grid Yunnan Power Grid Co., Ltd.Abstract The current static detection method of network source code vulnerabilities mainly relies on the static analysis of binary code. However, due to the failure to fully simulate the actual operating environment of programs, some vulnerabilities that trigger only under specific conditions are difficult to be found by static detection tools. This limitation increases the difficulty of static analysis. Therefore, a static detection method for multilevel network source code vulnerability based on knowledge graph technology is proposed. Web crawler technology is selected to collect and preprocess vulnerability data to avoid interference from network environment and malicious programs, which leads to redundancy and abnormal vulnerability data. By introducing knowledge graph information and combining word embedding with knowledge embedding, named entities are automatically identified from the preprocessed vulnerability data set. While adopting the joint embedding technology, we can integrate the word embedding and knowledge embedding more effectively, introducing an attention mechanism to enhance the weight of key information. Improve the effectiveness of the named entity identification. The identified named entities are taken as the basic nodes in the knowledge graph to build the multi-level network source code vulnerability knowledge graph, calculate the vulnerability attack error and attack loss, and quantitatively evaluate the accuracy of detection and the potential harm of vulnerabilities. The experimental results show that the proposed method can accurately detect the identification of named entities and vulnerabilities, and has certain positive significance to ensure the network security.https://doi.org/10.1007/s44163-025-00347-0Knowledge graphNetwork source codeVulnerability detectionCrawling technologyNamed entity recognition |
| spellingShingle | Peng Xiao Lina Zhang Ying Yan Zhenhong Zhang Static detection method for multi-level network source code vulnerabilities based on knowledge graph technology Discover Artificial Intelligence Knowledge graph Network source code Vulnerability detection Crawling technology Named entity recognition |
| title | Static detection method for multi-level network source code vulnerabilities based on knowledge graph technology |
| title_full | Static detection method for multi-level network source code vulnerabilities based on knowledge graph technology |
| title_fullStr | Static detection method for multi-level network source code vulnerabilities based on knowledge graph technology |
| title_full_unstemmed | Static detection method for multi-level network source code vulnerabilities based on knowledge graph technology |
| title_short | Static detection method for multi-level network source code vulnerabilities based on knowledge graph technology |
| title_sort | static detection method for multi level network source code vulnerabilities based on knowledge graph technology |
| topic | Knowledge graph Network source code Vulnerability detection Crawling technology Named entity recognition |
| url | https://doi.org/10.1007/s44163-025-00347-0 |
| work_keys_str_mv | AT pengxiao staticdetectionmethodformultilevelnetworksourcecodevulnerabilitiesbasedonknowledgegraphtechnology AT linazhang staticdetectionmethodformultilevelnetworksourcecodevulnerabilitiesbasedonknowledgegraphtechnology AT yingyan staticdetectionmethodformultilevelnetworksourcecodevulnerabilitiesbasedonknowledgegraphtechnology AT zhenhongzhang staticdetectionmethodformultilevelnetworksourcecodevulnerabilitiesbasedonknowledgegraphtechnology |