1 |
吴世忠,郭涛,董国伟,等. 软件漏洞分析技术进展[J]. 清华大学学报(自然科学版), 2012, 52(10): 1309-1319.
|
|
WU S Z, GUO T, DONG G W, et al. Software vulnerability analyses: a road map[J]. Journal of Tsinghua University (Science and Technology), 2012, 52(10): 1309-1319.
|
2 |
李舟军,张俊贤,廖湘科,等. 软件安全漏洞检测技术[J]. 计算机学报, 2015, 38(4): 717-732. 10.3724/SP.J.1016.2015.00717
|
|
LI Z J, ZHANG J X, LIAO X K, et al. Survey of software vulnerability detection techniques[J]. Chinese Journal of Computers, 2015, 38(4): 717-732. 10.3724/SP.J.1016.2015.00717
|
3 |
李珍,邹德清,王泽丽,等. 面向源代码的软件漏洞静态检测综述[J]. 网络与信息安全学报, 2019, 5(1): 1-14. 10.11959/j.issn.2096-109x.2019001
|
|
LI Z, ZOU D Q, WANG Z L, et al. Survey on static software vulnerability detection for source code[J]. Chinese Journal of Network and Information Security, 2019, 5(1): 1-14. 10.11959/j.issn.2096-109x.2019001
|
4 |
CADAR C, DUNBAR D, ENGLER D. KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs[C]// Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation. Berkeley: USENIX Association, 2008: 209-224.
|
5 |
CHIPOUNOV V, KUZNETSOV V, CANDEA G. S2E: a platform for in-vivo multi-path analysis of software systems[C]// Proceedings of the 16th International Conference on Architectural Support for Programming Languages and Operating Systems. New York: ACM, 2011: 265-278. 10.1145/1950365.1950396
|
6 |
BALDONI R, COPPA E, D’ELIA D C, et al. A survey of symbolic execution techniques[J]. ACM Computing Surveys, 2018, 51(3): No.50. 10.1145/3182657
|
7 |
GODEFROID P, LEVIN M Y, MOLNAR D A. Automated whitebox fuzz testing[C/OL]// Proceedings of the 2008 Network and Distributed System Security Symposium. [2021-03-14]. . 10.1145/2093548.2093564
|
8 |
李韵,黄辰林,王中锋,等. 基于机器学习的软件漏洞挖掘方法综述[J]. 软件学报, 2020, 31(7): 2040-2061. 10.13328/j.cnki.jos.006055
|
|
LI Y, HUANG C L, WANG Z F, et al. Survey of software vulnerability mining methods based on machine learning[J]. Journal of Software, 2020, 31(7): 2040-2061. 10.13328/j.cnki.jos.006055
|
9 |
孙鸿宇,何远,王基策,等. 人工智能技术在安全漏洞领域的应用[J]. 通信学报, 2018, 39(8): 1-17. 10.11959/j.issn.1000-436x.2018137
|
|
SUN H Y, HE Y, WANG J C, et al. Application of artificial intelligence technology in the field of security vulnerability[J]. Journal on Communications, 2018, 39(8): 1-17. 10.11959/j.issn.1000-436x.2018137
|
10 |
SHIN Y, WILLIAMS L. Can traditional fault prediction models be used for vulnerability prediction?[J]. Empirical Software Engineering, 2013, 18(1): 25-59. 10.1007/s10664-011-9190-8
|
11 |
YOUNIS A, MALAIYA Y, ANDERSON C, et al. To fear or not to fear that is the question: code characteristics of a vulnerable function with an existing exploit[C]// Proceedings of the 6th ACM Conference on Data and Application Security and Privacy. New York: ACM, 2016: 97-104. 10.1145/2857705.2857750
|
12 |
WALDEN J, STUCKMAN J, SCANDARIATO R. Predicting vulnerable components: software metrics vs text mining[C]// Proceedings of the IEEE 25th International Symposium on Software Reliability Engineering. Piscataway: IEEE, 2014: 23-33. 10.1109/issre.2014.32
|
13 |
SHIN Y, MENEELY A, WILLIAMS L, et al. Evaluating complexity, code churn, and developer activity metrics as indicators of software vulnerabilities[J]. IEEE Transactions on Software Engineering, 2011, 37(6): 772-787. 10.1109/tse.2010.81
|
14 |
BOSU A, CARVER J, HAFIZ M, et al. Identifying the characteristics of vulnerable code changes: an empirical study[C]// Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering. New York: ACM, 2014: 257-268. 10.1145/2635868.2635880
|
15 |
王飞雪,李芳. 基于激活漏洞能力条件的软件漏洞自动分类框架[J]. 重庆理工大学学报(自然科学版), 2019, 33(5): 154-160.
|
|
WANG F X, LI F. Software vulnerability automatic classification framework based on activation vulnerability conditions[J]. Journal of Chongqing University of Technology (Natural Science), 2019, 33(5): 154-160.
|
16 |
YAMAGUCHI F, LOTTMANN M, RIECK K. Generalized vulnerability extrapolation using abstract syntax trees[C]// Proceedings of the 28th Annual Computer Security Applications Conference. New York: ACM, 2012: 359-368. 10.1145/2420950.2421003
|
17 |
RUSSELL R, KIM L, HAMILTON L, et al. Automated vulnerability detection in source code using deep representation learning[C]// Proceedings of the 17th IEEE International Conference on Machine Learning and Applications. Piscataway: IEEE, 2018: 757-762. 10.1109/icmla.2018.00120
|
18 |
DUAN X, WU J Z, JI S L, et al. VulSniper: focus your attention to shoot fine-grained vulnerabilities[C]// Proceedings of the 28th International Joint Conference on Artificial Intelligence. California: ijcai.org, 2019: 4665-4671. 10.24963/ijcai.2019/648
|
19 |
LI Z, ZOU D Q, XU S H, et al. VulDeePecker: a deep learning-based system for vulnerability detection[C/OL]// Proceedings of the 2018 Network and Distributed Systems Security Symposium. [2021-03-14]. . 10.14722/ndss.2018.23158
|
20 |
孔维星,叶贵鑫,王焕廷,等.一种基于图卷积网络的源代码漏洞检测方法:中国, 202010168037.0[P]. 2020-07-28.
|
|
KONG W X, YE G X, WANG H T, et al. A source code vulnerability detection method based on graph convolution network: CN, 202010168037.0[P]. 2020-07-28.
|
21 |
YAMAGUCHI F, GOLDE N, ARP D, et al. Modeling and discovering vulnerabilities with code property graphs[C]// Proceedings of the 2014 IEEE Symposium on Security and Privacy. Piscataway: IEEE, 2014: 590-604. 10.1109/sp.2014.44
|
22 |
MOONEN L. Generating robust parsers using island grammars[C]// Proceedings of the 8th Working Conference on Reverse Engineering. Piscataway: IEEE, 2001: 13-22. 10.1109/wcre.2001.957806
|
23 |
KIPF T N, WELLING M. Semi-supervised classification with graph convolutional networks[EB/OL]. (2017-02-22) [2021-04-14]..
|
24 |
GILMER J, SCHOENHOLZ S S, RILEY P E, et al. Neural message passing for quantum chemistry[C]// Proceedings of the 34th International Conference on Machine Learning. New York: JMLR.org, 2017: 1263-1272.
|
25 |
SCHLICHTKRULL M, KIPF T N, BLOEM P, et al. Modeling relational data with graph convolutional networks[C]// Proceedings of the 2018 European Semantic Web Conference, LNCS 10843/LNISA 10843. Cham: Springer, 2018: 593-607. 10.1007/978-3-319-93417-4_38
|
26 |
LE Q, MIKOLOV T. Distributed representations of sentences and documents[C]// Proceedings of the 31st International Conference on Machine Learning. New York: JMLR.org, 2014: 1188-1196.
|
27 |
ISPIROVA G, EFTIMOV T, SELJAK B K. Comparing semantic and nutrient value similarities of recipes[C]// Proceedings of the 2019 IEEE International Conference on Big Data. Piscataway: IEEE, 2019: 5131-5139. 10.1109/bigdata47090.2019.9006080
|
28 |
ZHOU Y Q, LIU S Q, SIOW J, et al. Devign: effective vulnerability identification by learning comprehensive program semantics via graph neural networks[C/OL]// Proceedings of the 33rd Conference on Neural Information Processing Systems. [2021-01-12]..
|
29 |
ZOU D Q, WANG S J, XU S H, et al. μVulDeePecker: a deep learning-based system for multiclass vulnerability detection[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(5): 2224-2236.
|
30 |
LI Z, ZOU D Q, XU S H, et al. SySeVR: a framework for using deep learning to detect software vulnerabilities[J]. IEEE Transactions on Dependable and Secure Computing, 2021(Early Access): 3051525. 10.1109/tdsc.2021.3051525
|