Source Code Vulnerability Detection Method with Multidimensional Representation

Abstract

AbstractAt present, most of the source code vulnerability detection methods only rely on the source code text information for representation, and the single dimension of representation leads to low efficiency. This paper presents a source code vulnerability detection method based on multidimensional representation. Firstly, the structured text information of the source code is obtained through the abstract syntax tree of the source code; Then the source code is measured to obtain the code metrics; Finally, a deep neural network is used for feature learning to construct the source code vulnerability detection model, and the structured text features and code metrics of the source code to be detected are input into the vulnerability detection model to obtain the vulnerability detection results. The results of the comparison experiment show that the method has a good detection effect. In comparison experiments, 11 source code samples with different types of vulnerabilities were tested for vulnerability detection. The average detection accuracy of this method is 97.96%. Compared with existing vulnerability detection methods based on a single characterization, the detection accuracy of this method is improved by 4.89%–12.21%. At the same time, the miss and false-positive rates of this method are kept within 10%.KeywordsVulnerability detectionStructured representationAbstract syntax treeCode metricsDeep neural network