Source code vulnerability detection based on hybrid code representation

doi:10.11772/j.issn.1001-9081.2022071135

Journal of Computer Applications ›› 2023, Vol. 43 ›› Issue (8): 2517-2526.DOI: 10.11772/j.issn.1001-9081.2022071135

• Computer software technology • Previous Articles Next Articles

Source code vulnerability detection based on hybrid code representation

Kun ZHANG, Fengyu YANG(), Fa ZHONG, Guangdong ZENG, Shijian ZHOU

School of Software，Nanchang Hangkong University，Nanchang Jiangxi 330063，China

Received:2022-07-31 Revised:2022-11-07 Accepted:2022-11-07 Online:2023-01-15 Published:2023-08-10
Contact: Fengyu YANG
About author:ZHANG Kun， born in 1998， M. S. candidate. His research interests include source code vulnerability detection.
ZHONG Fa， born in 1999， M. S. candidate. His research interests include software defect prediction.
ZENG Guangdong， born in 1998， M. S. candidate. His research interests include software defect prediction.
ZHOU Shijian， born in 1966， Ph.D.， professor. His research interests include intelligent system.
Supported by:
Natural Science Foundation of Jiangxi Province(20212BAB212009)

基于混合代码表示的源代码脆弱性检测

张琨, 杨丰玉(), 钟发, 曾广东, 周世健

南昌航空大学软件学院，南昌 330063

通讯作者: 杨丰玉
作者简介:张琨（1998—），男，江西新余人，硕士研究生，CCF会员，主要研究方向：源代码脆弱性检测
钟发（1999—），男，江西宜春人，硕士研究生，主要研究方向：软件缺陷预测
曾广东（1998—），男，江西赣州人，硕士研究生，主要研究方向：软件缺陷预测
周世健（1966—），男，江西吉安人，教授，博士，CCF会员，主要研究方向：智能系统。
基金资助:
江西省自然科学基金资助项目(20212BAB212009)

Abstract

Abstract:

Software vulnerabilities pose a great threat to network and information security， and the root of vulnerabilities lies in software source code. Existing traditional static detection tools and deep learning based detection methods do not fully represent code features， and simply use word embedding method to transform code representation， so that their detection results have low accuracy and high false positive rate or high false negative rate. Therefore， a source code vulnerability detection method based on hybrid code representation was proposed to solve the problem of incomplete code representation and improve detection performance. Firstly， source code was compiled into Intermediate Representation （IR）， and the program dependency graph was extracted. Then， structural features were obtained through program slicing based on data flow and control flow analysis. At the same time， unstructural features were obtained by embedding node statements using doc2vec. Next， Graph Neural Network （GNN） was used to learn the hybrid features. Finally， the trained GNN was used for prediction and classification. In order to verify the effectiveness of the proposed method， experimental evaluation was performed on Software Assurance Reference Dataset （SARD） and real-world datasets， and the F1 score of detection results reached 95.3% and 89.6% respectively. Experimental results show that the proposed method has good vulnerability detection ability.

Key words: vulnerability detection, Intermediate Representation (IR), representation learning, Graph Neural Network (GNN), deep learning

摘要：

软件脆弱性对网络与信息安全产生了极大的威胁，而脆弱性的根源在于软件源代码。因为现有的传统静态检测工具和基于深度学习的检测方法没有完整地表示代码特征，并且简单地使用词嵌入方法转换代码表示，所以检测结果准确率低，误报率高或漏报率高。因此，提出了一种基于混合代码表示的源代码脆弱性检测方法来解决代码表示不完整的问题，并提升检测性能。首先将源代码编译为中间表示（IR），并提取程序依赖图；然后基于数据流和控制流分析进行程序切片来得到结构化的特征，同时使用doc2vec嵌入节点语句得到非结构化的特征；接着使用图神经网络（GNN）对混合特征进行学习；最后使用训练好的GNN进行预测和分类。为了验证所提方法的有效性，在软件保证参考数据集（SARD）和真实世界数据集上进行了实验评估，检测结果的F1值分别达到了95.3%和89.6%。实验结果表明，所提方法有较好的脆弱性检测能力。

关键词: 脆弱性检测, 中间表示, 表示学习, 图神经网络, 深度学习

CLC Number:

TP311

Kun ZHANG, Fengyu YANG, Fa ZHONG, Guangdong ZENG, Shijian ZHOU. Source code vulnerability detection based on hybrid code representation[J]. Journal of Computer Applications, 2023, 43(8): 2517-2526.

张琨, 杨丰玉, 钟发, 曾广东, 周世健. 基于混合代码表示的源代码脆弱性检测[J]. 《计算机应用》唯一官方网站, 2023, 43(8): 2517-2526.

Figures/Tables 12

Fig. 1 Overall framework of the proposed method

Fig. 2 Example diagram of program slicing

Tab. 1 Examples of IR preprocessing

LLVM IR语句	预处理后
store i32 %15， i32* %length left， align 4，！dbg！182	store i32 %ID， i32* %ID
br i1 %cmp27， label %if.end30， label %if. then29，！dbg！201	bitcast ［ @INT VAL x %STRUCT TYPE ］， %STRUCT TYPE %ID
%call99 = call i32 @rip6_entry_print（%struct. netdissect_options* %79， %struct.netinfo6* %80， i32 0），！dbg！268	call i32 （%STRUCT_ TYPE， %STRUCT_ TYPE， i32） %FUN0
%ru6_nets32 = bitcast %union.anon%rip6un31 to ［1 x %struct.netinfo6］，！dbg！207	bitcast ［ @INT_VAL x %STRUCT_TYPE ］， %STRUCT_TYPE %ID
call void @llvm.memcpy.p0i8.p0i8.i64（i8* %11， i8* %13， i64 4， i32 2， i1 false），！dbg！474	call void （i8， i8， i64， i32， i1） llvm.memcpy.p0i8.p0i8.i64

Fig. 3 Vectorization of node statements

Fig. 4 Hybrid code representation

Fig. 5 Structure of the proposed model

Tab. 2 Dataset statistics

数据集	#LOI	#Pointer	#Object	#Call	$\| V C F G \|$	$\| E C F G \|$	$\| V D F G \|$	$\| E D F G \|$
CWE-119	7 811 996	2 992 108	59 759	84 857	2 657 488	2 962 382	2 333 565	2 526 699
CWE-20	7 728 477	3 205 748	601 656	65 394	2 828 956	3 133 667	2 420 491	2 420 491
CWE-125	1 528 454	595 807	118 084	16 704	532 091	595 730	466 155	479 682
CWE-190	1 611 932	653 629	108 248	18 250	612 164	690 579	496 601	512 800
CWE-22	7 728 477	3 205 748	601 656	65 394	2 828 956	3 133 667	2 420 491	2 471 687
CWE-399	5 552 545	1 895 244	359 892	63 500	1 780 518	2 013 559	1 419 467	1 566 615
CWE-787	5 525 537	2 129 251	425 057	60 567	1 884 266	2 098 410	1 663 824	1 813 045
CWE-254	14 576 245	5 079 282	965 625	151 987	4 535 930	5 096 619	3 898 307	4 102 872
CWE-400	1 210 852	458 445	71 088	19 654	428 373	495 526	331 910	337 427
CWE-78	703 660	290 148	50 478	5 383	242 148	263 665	217 122	200 428
Lua-5.3.4	68 222	52 585	1 869	4 764	59 055	72 829	100 701	106 830
redis-5.0.8	735 275	401 520	14 461	119 216	45 737	56 505	654 495	778 854
总计	50 067 406	18 337 496	3 424 166	625 006	16 118 260	18 066 536	14 443 657	15 342 334

Tab. 2 Dataset statistics

数据集	#LOI	#Pointer	#Object	#Call	$\| V C F G \|$	$\| E C F G \|$	$\| V D F G \|$	$\| E D F G \|$
CWE-119	7 811 996	2 992 108	59 759	84 857	2 657 488	2 962 382	2 333 565	2 526 699
CWE-20	7 728 477	3 205 748	601 656	65 394	2 828 956	3 133 667	2 420 491	2 420 491
CWE-125	1 528 454	595 807	118 084	16 704	532 091	595 730	466 155	479 682
CWE-190	1 611 932	653 629	108 248	18 250	612 164	690 579	496 601	512 800
CWE-22	7 728 477	3 205 748	601 656	65 394	2 828 956	3 133 667	2 420 491	2 471 687
CWE-399	5 552 545	1 895 244	359 892	63 500	1 780 518	2 013 559	1 419 467	1 566 615
CWE-787	5 525 537	2 129 251	425 057	60 567	1 884 266	2 098 410	1 663 824	1 813 045
CWE-254	14 576 245	5 079 282	965 625	151 987	4 535 930	5 096 619	3 898 307	4 102 872
CWE-400	1 210 852	458 445	71 088	19 654	428 373	495 526	331 910	337 427
CWE-78	703 660	290 148	50 478	5 383	242 148	263 665	217 122	200 428
Lua-5.3.4	68 222	52 585	1 869	4 764	59 055	72 829	100 701	106 830
redis-5.0.8	735 275	401 520	14 461	119 216	45 737	56 505	654 495	778 854
总计	50 067 406	18 337 496	3 424 166	625 006	16 118 260	18 066 536	14 443 657	15 342 334

Tab. 3 Distribution of sample labels in datasets

数据集	粒度	#脆弱样本	#良性样本	#总计
SARD	测试用例	102 696	1 408	104 104
	方法	129 038	774 714	903 752
	PSG	166 914	598 426	765 340
redis	方法	1 877	2 606	4 483
redis	PSG	862	1 495	2 357
Lua	方法	898	1 072	1 970
Lua	PSG	717	1 812	2 529
总计	测试用例	102 696	1 408	104 104
	方法	131 813	778 392	910 205
	PSG	168 493	601 733	770 406

Tab. 4 Detection results of different code representation methods

表示方法	1-V_FPR/%	1-V_FNR/%	ACC/%	F1/%	所用时间/s
基于源代码	76.3	81.4	79.2	72.4	631.7
基于源代码的图	84.4	84.9	87.7	78.7	862.7
基于源代码的混合特征	91.8	93.3	92.9	87.8	1 218.5
LLVM IR	85.1	89.4	88.4	82.2	953.6
基于IR的图	90.2	91.1	90.8	85.9	1 155.2
基于IR的混合特征	97.7	97.4	98.2	95.4	1 458.6
基于IR的混合特征*	92.5	94.1	93.3	90.9	1 886.3

Fig. 6 Detection results of different graph neural networks on SARD

Tab.5 Detection results comparison of on SARD

方法	CWE-119				CWE-20				CWE-125				CWE-190				CWE-22
方法	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1
RATS	99.4	2.4	69.4	5.4	98.5	3.9	75.2	6.8	94.4	25.5	73.3	36.7	99.4	10.9	73.1	18.5	88.8	12.2	55.5	19.2
Flawfinder	43.3	67.7	51.1	44.5	32.2	72.1	41.6	37.5	31.1	78.8	46.4	46.7	78.6	28.2	64.4	30.7	9.4	97.7	52.3	63.7
VulDeePecker	61.2	71.5	79.4	71.6	65.6	75.7	73.3	71.1	51.4	73.7	62.2	65.5	71.4	53.2	62.4	57.7	95.3	94.9	94.6	95.1
VGDetector	91.1	85.5	90.9	80.5	89.3	86.7	89.3	85.6	91.4	91.9	89.3	81.6	92.9	90.2	90.6	81.3	94.2	85.5	93.2	89.2
Devign	88.4	89.2	88.9	83.3	89.9	85.4	87.7	82.2	90.9	89.5	88.1	80.8	87.7	85.2	88.2	83.8	85.3	90.6	88.8	87.7
VulDeelocator	89.1	85.4	89.0	76.4	84.4	81.8	88.8	89.4	93.3	83.2	87.7	75.7	92.9	91.2	93.3	77.7	92.2	93.9	90.8	76.7
VulSaviour	94.6	95.9	97.1	94.8	97.7	96.4	98.1	95.4	98.2	97.9	98.1	95.5	97.7	93.3	94.4	92.2	99.2	98.5	99.1	96.5
方法	CWE-399				CWE-787				CWE-254				CWE-400				CWE-78
方法	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1
RATS	99.2	13.3	76.4	22.1	98.5	6.4	70.3	10.9	98.6	2.4	72.8	4.4	97.7	22.4	80.8	34.4	92.2	54.8	61.4	8.2
Flawfinder	43.3	58.4	47.1	36.6	28.8	78.2	44.4	46.6	30.3	79.2	43.2	42.9	30.5	82.2	43.1	39.3	23.3	92.7	48.4	56.1
VulDeePecker	73.9	62.2	68.4	65.5	76.7	65.3	70.7	68.8	84.2	75.2	78.7	77.7	80.2	73.2	75.7	75.1	80.9	78.6	85.2	75.1
VGDetector	97.9	67.7	90.6	84.7	93.9	79.2	89.5	85.8	85.5	82.2	91.3	84.8	98.4	82.4	92.8	83.8	95.3	92.4	89.8	80.8
Devign	95.3	92.1	89.4	88.5	88.8	90.9	88.8	73.2	88.1	87.9	85.8	84.2	84.1	89.3	89.9	84.7	82.4	83.3	91.4	88.2
VulDeelocator	98.5	56.7	89.1	71.7	90.5	76.5	88.6	84.4	85.3	78.8	88.5	76.1	97.4	72.5	92.2	74.3	85.4	85.9	88.5	79.3
VulSaviour	98.4	94.8	98.2	94.8	98.4	96.2	97.4	95.9	97.4	95.9	97.1	93.9	99.2	97.4	98.8	97.4	97.2	95.5	97.4	96.2

Tab.6 Detection results on real-world projects

方法	redis				Lua				mixed
方法	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1	1-V_FPR	1-V_FNR	ACC	F1
RATS	97.9	5.4	72.2	1.9	97.1	8.3	75.7	8.1	97.3	4.3	65.3	4.9
Flawfinder	51.2	71.8	62.4	44.5	48.3	61.3	52.4	38.5	41.3	71.3	58.4	44.5
VulDeePecker	64.6	72.2	71.7	64.5	60.6	75.2	71.2	68.1	64.6	65.5	68.2	60.9
VGDetector	88.4	81.8	89.9	87.2	85.2	84.8	89.2	82.2	89.2	71.8	83.5	79.2
Devign	74.2	76.2	88.1	81.8	77.7	78.8	88.2	81.4	80.7	78.8	82.8	81.2
VulDeelocator	86.3	75.4	86.3	85.3	83.3	81.4	85.3	78.3	74.6	68.2	78.8	72.2
VulSaviour	92.2	91.4	91.2	90.4	95.2	91.9	93.4	89.4	95.4	90.4	89.9	89.1

References 23

1	李舟军，张俊贤，廖湘科，等. 软件安全漏洞检测技术［J］. 计算机学报， 2015， 38（4）：717-732. 10.3724/SP.J.1016.2015.00717
	LI Z J， ZHANG J X， LIAO X K， et al. Survey of software vulnerability detection techniques［J］. Chinese Journal of Computers， 2015， 38（4）： 717-732. 10.3724/SP.J.1016.2015.00717
2	李韵，黄辰林，王中锋，等. 基于机器学习的软件漏洞挖掘方法综述［J］. 软件学报， 2020， 31（7）：2040-2061. 10.13328/j.cnki.jos.006055
	LI Y， HUANG C L， WANG Z F， et al. Survey of software vulnerability mining methods based on machine learning［J］. Journal of Software， 2020， 31（7）： 2040-2061. 10.13328/j.cnki.jos.006055
3	李珍，邹德清，王泽丽，等. 面向源代码的软件漏洞静态检测综述［J］. 网络与信息安全学报， 2019， 5（1）：1-14. 10.11959/j.issn.2096-109x.2019001
	LI Z， ZOU D Q， WANG Z L， et al. Survey on static software vulnerability detection for source code［J］. Chinese Journal of Network and Information Security， 2019， 5（1）： 1-14. 10.11959/j.issn.2096-109x.2019001
4	WU Y M， ZOU D Q， DOU S H， et al. VulCNN： an image-inspired scalable vulnerability detection system［C］// Proceedings of the ACM/IEEE 44th International Conference on Software Engineering. New York： ACM， 2022： 2365-2376. 10.1145/3510003.3510229
5	CHENG X， ZHANG G Q， WANG H Y， et al. Path-sensitive code embedding via contrastive learning for software vulnerability detection［C］// Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis. New York： ACM， 2022： 519-531. 10.1145/3533767.3534371
6	RUSSELL R， KIM L， HAMILTON L， et al. Automated vulnerability detection in source code using deep representation learning［C］// Proceedings of the 17th IEEE International Conference on Machine Learning and Applications. Piscataway： IEEE， 2018： 757-762. 10.1109/icmla.2018.00120
7	LI Z， ZOU D Q， XU S H， et al. VulDeeLocator： a deep learning-based fine-grained vulnerability detector［J］. IEEE Transactions on Dependable and Secure Computing， 2022， 19（4）： 2821-2837. 10.1109/tdsc.2021.3076142
8	ZHOW Y Q， LIU S Q， SIOW J， et al. Devign： effective vulnerability identification by learning comprehensive program semantics via graph neural networks［C］// Proceedings of the 33rd International Conference on Neural Information Processing Systems. Red Hook， NY： Curran Associates Inc.， 2019： 10197-10207.
9	LI Z， ZOU D Q， XU S H， et al. VulDeePecker： a deep learning-based system for vulnerability detection［C/OL］// Proceedings of the 2018 Network and Distributed Systems Security Symposium ［2022-01-25］.. 10.14722/ndss.2018.23158
10	高凤娟，王豫，陈天骄，等. 基于污点分析的数组越界缺陷的静态检测方法［J］. 软件学报， 2020， 31（10）：2983-3003. 10.13328/j.cnki.jos.006063
	GAO F J， WANG Y， CHEN T J， et al. Static checking of array index out of bounds defects in C programs based on taint analysis［J］. Journal of Software， 2020， 31（10）： 2983-3003. 10.13328/j.cnki.jos.006063
11	梁娟娟，刘久富，朱丹丹，等. 基于符号执行的软件静态测试研究［J］. 计算机技术与发展， 2013， 23（6）：42-45， 178. 10.3969/j.issn.1673-629X.2013.06.011
	LIANG J J， LIU J F， ZHU D D， et al. Software static test research based on symbolic execution［J］. Computer Technology and Development， 2013， 23（6）： 42-45， 178. 10.3969/j.issn.1673-629X.2013.06.011
12	CHENG X， WANG H Y， HUA J Y， et al. Static detection of control-flow-related vulnerabilities using graph embedding［C］// Proceedings of the 24th International Conference on Engineering of Complex Computer Systems. Piscataway： IEEE， 2019： 41-50. 10.1109/iceccs.2019.00012
13	LE Q， MIKOLOV T. Distributed representations of sentences and documents［C］// Proceedings of the 31st International Conference on Machine Learning. New York： JMLR.org， 2014： 1188-1196.
14	KIPF T N， WELLING M. Semi-supervised classification with graph convolutional networks［EB/OL］. （2017-02-22）［2021-10-22］.. 10.48550/arXiv.1609.02907
15	VELIČKOVIĆ P， CUCURULL G， CASANOVA A， et al. Graph attention networks［EB/OL］. （2018-02-04）［2021-10-22］..
16	MORRIS C， RITZERT M， FEY M， et al. Weisfeiler and Leman go neural： higher-order graph neural networks［C］// Proceedings of the 33rd AAAI Conference on Artificial Intelligence. Palo Alto， CA： AAAI Press， 2019： 4602-4609. 10.1609/aaai.v33i01.33014602
17	LI Y J， TARLOW D， BROCKSCHMIDT M， et al. Gated graph sequence neural networks［EB/OL］. （2017-09-22）［2021-10-22］..
18	CHENG X， WANG H， HUA J Y， et al. DeepWuKong： statically detecting software vulnerabilities using deep graph neural network［J］. ACM Transactions on Software Engineering and Methodology， 2021， 30（3）： No.38. 10.1145/3436877
19	GAO Q， MA S， SHAO S H， et al. CoBOT： static C/C++ bug detection in the presence of incomplete code［C］// Proceedings of the ACM/IEEE 26th International Conference on Program Comprehension. New York： ACM， 2018： 385-388. 10.1145/3196321.3196367
20	LIU S G， LIN G J， HAN Q L， et al. DeepBalance： deep-learning and fuzzy oversampling for vulnerability detection［J］. IEEE Transactions on Fuzzy Systems， 2020， 28（7）： 1329-1343.
21	WU Y L， LU J T， ZHANG Y Y， et al. Vulnerability detection in C/C++ source code with graph representation learning［C］// Proceedings of the IEEE 11th Annual Computing and Communication Workshop and Conference. Piscataway： IEEE， 2021： 1519-1524. 10.1109/ccwc51732.2021.9376145
22	LI Y， WANG S H， NGUYEN T N. Vulnerability detection with fine-grained interpretations［C］// Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. New York： ACM， 2021： 292-303. 10.1145/3468264.3468597
23	WANG H T， YE G X， TANG Z Y， et al. Combining graph-based learning with automated data collection for code vulnerability detection［J］. IEEE Transactions on Information Forensics and Security， 2021， 16： 1943-1958. 10.1109/tifs.2020.3044773

[1]	Yunchuan HUANG, Yongquan JIANG, Juntao HUANG, Yan YANG. Molecular toxicity prediction based on meta graph isomorphism network [J]. Journal of Computer Applications, 2024, 44(9): 2964-2969.
[2]	Jing QIN, Zhiguang QIN, Fali LI, Yueheng PENG. Diagnosis of major depressive disorder based on probabilistic sparse self-attention neural network [J]. Journal of Computer Applications, 2024, 44(9): 2970-2974.
[3]	Xiyuan WANG, Zhancheng ZHANG, Shaokang XU, Baocheng ZHANG, Xiaoqing LUO, Fuyuan HU. Unsupervised cross-domain transfer network for 3D/2D registration in surgical navigation [J]. Journal of Computer Applications, 2024, 44(9): 2911-2918.
[4]	Shunyong LI, Shiyi LI, Rui XU, Xingwang ZHAO. Incomplete multi-view clustering algorithm based on self-attention fusion [J]. Journal of Computer Applications, 2024, 44(9): 2696-2703.
[5]	Yu DU, Yan ZHU. Constructing pre-trained dynamic graph neural network to predict disappearance of academic cooperation behavior [J]. Journal of Computer Applications, 2024, 44(9): 2726-2731.
[6]	Yexin PAN, Zhe YANG. Optimization model for small object detection based on multi-level feature bidirectional fusion [J]. Journal of Computer Applications, 2024, 44(9): 2871-2877.
[7]	Tingjie TANG, Jiajin HUANG, Jin QIN. Session-based recommendation with graph auxiliary learning [J]. Journal of Computer Applications, 2024, 44(9): 2711-2718.
[8]	Yuhan LIU, Genlin JI, Hongping ZHANG. Video pedestrian anomaly detection method based on skeleton graph and mixed attention [J]. Journal of Computer Applications, 2024, 44(8): 2551-2557.
[9]	Yanjie GU, Yingjun ZHANG, Xiaoqian LIU, Wei ZHOU, Wei SUN. Traffic flow forecasting via spatial-temporal multi-graph fusion [J]. Journal of Computer Applications, 2024, 44(8): 2618-2625.
[10]	Qianhong SHI, Yan YANG, Yongquan JIANG, Xiaocao OUYANG, Wubo FAN, Qiang CHEN, Tao JIANG, Yuan LI. Multi-granularity abrupt change fitting network for air quality prediction [J]. Journal of Computer Applications, 2024, 44(8): 2643-2650.
[11]	Tingjie TANG, Jiajin HUANG, Jin QIN, Hui LU. Session-based recommendation based on graph co-occurrence enhanced multi-layer perceptron [J]. Journal of Computer Applications, 2024, 44(8): 2357-2364.
[12]	Zheng WU, Zhiyou CHENG, Zhentian WANG, Chuanjian WANG, Sheng WANG, Hui XU. Deep learning-based classification of head movement amplitude during patient anaesthesia resuscitation [J]. Journal of Computer Applications, 2024, 44(7): 2258-2263.
[13]	Huanhuan LI, Tianqiang HUANG, Xuemei DING, Haifeng LUO, Liqing HUANG. Public traffic demand prediction based on multi-scale spatial-temporal graph convolutional network [J]. Journal of Computer Applications, 2024, 44(7): 2065-2072.
[14]	Zhi ZHANG, Xin LI, Naifu YE, Kaixi HU. DKP： defending against model stealing attacks based on dark knowledge protection [J]. Journal of Computer Applications, 2024, 44(7): 2080-2086.
[15]	Yiqun ZHAO, Zhiyu ZHANG, Xue DONG. Anisotropic travel time computation method based on dense residual connection physical information neural networks [J]. Journal of Computer Applications, 2024, 44(7): 2310-2318.

Source code vulnerability detection based on hybrid code representation

基于混合代码表示的源代码脆弱性检测

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 12

References 23

Related Articles 15

Recommended Articles

Metrics