{"title":"vull - mirror:一种发现脆弱代码克隆的几次学习方法","authors":"Yuan He, Wenjie Wang, Hongyu Sun, Yuqing Zhang","doi":"10.4108/eai.13-7-2018.165275","DOIUrl":null,"url":null,"abstract":"It is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, so automatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions either cannot automatically extract the characteristics of the vulnerable codes or cannot select different algorithms according to different codes, which results in low detection accuracy. In this paper, we consider the identification of vulnerable code clone as a code recognition task and propose a method named Vul-Mirror based on a few-shot learning model for discovering clone vulnerable codes. It can not only automatically extract features of vulnerabilities, but also use the network to measure similarity. The results of experiments on open-source projects of five operating systems show that the accuracy of Vul-Mirror is 95.7%, and its performance is better than the state-of-the-art methods.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone\",\"authors\":\"Yuan He, Wenjie Wang, Hongyu Sun, Yuqing Zhang\",\"doi\":\"10.4108/eai.13-7-2018.165275\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"It is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, so automatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions either cannot automatically extract the characteristics of the vulnerable codes or cannot select different algorithms according to different codes, which results in low detection accuracy. In this paper, we consider the identification of vulnerable code clone as a code recognition task and propose a method named Vul-Mirror based on a few-shot learning model for discovering clone vulnerable codes. It can not only automatically extract features of vulnerabilities, but also use the network to measure similarity. The results of experiments on open-source projects of five operating systems show that the accuracy of Vul-Mirror is 95.7%, and its performance is better than the state-of-the-art methods.\",\"PeriodicalId\":335727,\"journal\":{\"name\":\"EAI Endorsed Trans. Security Safety\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-06-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"EAI Endorsed Trans. Security Safety\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4108/eai.13-7-2018.165275\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"EAI Endorsed Trans. Security Safety","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4108/eai.13-7-2018.165275","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
It is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, so automatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions either cannot automatically extract the characteristics of the vulnerable codes or cannot select different algorithms according to different codes, which results in low detection accuracy. In this paper, we consider the identification of vulnerable code clone as a code recognition task and propose a method named Vul-Mirror based on a few-shot learning model for discovering clone vulnerable codes. It can not only automatically extract features of vulnerabilities, but also use the network to measure similarity. The results of experiments on open-source projects of five operating systems show that the accuracy of Vul-Mirror is 95.7%, and its performance is better than the state-of-the-art methods.