期刊文献+

基于深度学习的动静结合的漏洞挖掘方法 被引量:2

Dynamic and Static Combination Detecting Method based on Deep Learning
下载PDF
导出
摘要 随着互联网的发展,暴露的安全漏洞不断增多。随着人工智能的不断发展,用深度学习的方法来进行漏洞检测成为热门研究。但是,这类方法相较于传统的模糊测试等方法误报较多,且由于模型可能会学习到较多的训练集上的特征,泛化性较差。因此,提出一种通过相似性漏洞检测和定向模糊测试相结合的方法,通过切片程序定位敏感点并获得代码切片,用于模型训练和检测,从而用模型检测的结果来指导模糊测试。实验结果表明,提出的方法具有良好的效果。 With the development of the Internet,more and more security vulnerabilities have been exposed.With the development of artificial intelligence,vulnerability detection using deep learning method has become a hot research field.However,compared with the traditional fuzzy testing methods,this kind of method will have more false positives,and because the model may learn more features on the training set,the generalization will be poor.In this paper,a method combining similarity vulnerability detection and directed fuzzy testing is proposed.The sensitive points are located by slicing program and code slices are obtained for model training and detection.The results of model checking are used to guide fuzzy testing.Experimental results indicate that the proposed method has good effect.
作者 宁馨 易平 NING Xin;YI Ping(Shanghai Jiao Tong University,Shanghai 200240,China)
机构地区 上海交通大学
出处 《通信技术》 2021年第2期430-436,共7页 Communications Technology
基金 国家重点研发计划(No.2019YFB1405000,2017YFB0802900)。
关键词 漏洞检测 深度学习 代码切片 模糊测试 vulnerability detection deep learning code slice fuzzing
  • 相关文献

参考文献1

二级参考文献3

共引文献1

同被引文献28

引证文献2

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部