Abstract
The detection of software vulnerabilities is a challenging task in the field of security. With the increasing scale of software and the rapid development of artificial intelligence technology, deep learning has been extensively applied to automatic vulnerability detection. Temporal Convolutional Networks (TCNs) have been shown to perform well in tasks that can be processed in parallel; they can adaptively learn complex structures (including in-time series data); and they have exhibited stable gradients — they are relatively easier to train, and can quickly converge to an optimal solution. However, TCNs cannot simultaneously capture the bidirectional semantics of the source code, since they do not have a bidirectional network structure. Furthermore, because of the weak noise resistance of residual TCN connections, TCNs are also susceptible to learning features that are not related to vulnerabilities when learning the source code features. To overcome the limitations of the traditional TCN, we propose a bidirectional TCN model based on the Deep Residual Shrinkage Network (DRSN), namely BiTCN_DRSN. BiTCN_DRSN combines TCN and DRSN to enhance the noise immunity and make the network model more attentive to the features associated with vulnerabilities. In addition, addressing the limitation that the TCN is a unidirectional network structure, the forward and backward sequences are utilized for bidirectional source-code feature learning. The experimental results show that the proposed BiTCN_DRSN model can effectively improve the accuracy of source-code vulnerability detection, compared with some existing neural-network models. Compared with the traditional TCN, our model increases the accuracy by 4.22%, 2.42% and 2.66% on the BE-ALL, RM-ALL and HY-ALL datasets, respectively. The proposed BiTCN_DRSN model also exhibits improved detection stability.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.