Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone

Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone

It is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, soautomatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions eithercannot automatically extract the characteristics of the vulnerabl...

Full description

Bibliographic Details
Main Authors: Yuan He, Wenjie Wang, Hongyu Sun, Yuqing Zhang
Format: Article
Language:English
Published: European Alliance for Innovation (EAI) 2020-06-01
Series:EAI Endorsed Transactions on Security and Safety
Subjects:
vulnerability
few-shot learning
code clone
distance-metric
Online Access:https://eudl.eu/pdf/10.4108/eai.13-7-2018.165275
id doaj-59a9bbebda4f4f37afd647081db41536
record_format Article
spelling doaj-59a9bbebda4f4f37afd647081db415362020-11-25T03:09:32ZengEuropean Alliance for Innovation (EAI)EAI Endorsed Transactions on Security and Safety2032-93932020-06-0172310.4108/eai.13-7-2018.165275Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code CloneYuan He0Wenjie Wang1Hongyu Sun2Yuqing Zhang3National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing, ChinaSchool of mathematics and computer science, Dali University, Dali, ChinaNational Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing, ChinaSchool of Cyber Engineering, Xidian University, Xi’an, ChinaNational Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing, ChinaIt is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, soautomatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions eithercannot automatically extract the characteristics of the vulnerable codes or cannot select different algorithms according todifferent codes, which results in low detection accuracy. In this paper, we consider the identification of vulnerable codeclone as a code recognition task and propose a method named Vul-Mirror based on a few-shot learning model fordiscovering clone vulnerable codes. It can not only automatically extract features of vulnerabilities, but also use thenetwork to measure similarity. The results of experiments on open-source projects of five operating systems show that theaccuracy of Vul-Mirror is 95.7%, and its performance is better than the state-of-the-art methods.https://eudl.eu/pdf/10.4108/eai.13-7-2018.165275vulnerabilityfew-shot learningcode clonedistance-metric
collection DOAJ
language English
format Article
sources DOAJ
author Yuan He
Wenjie Wang
Hongyu Sun
Yuqing Zhang
spellingShingle Yuan He
Wenjie Wang
Hongyu Sun
Yuqing Zhang
Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
EAI Endorsed Transactions on Security and Safety
vulnerability
few-shot learning
code clone
distance-metric
author_facet Yuan He
Wenjie Wang
Hongyu Sun
Yuqing Zhang
author_sort Yuan He
title Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
title_short Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
title_full Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
title_fullStr Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
title_full_unstemmed Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
title_sort vul-mirror: a few-shot learning method for discovering vulnerable code clone
publisher European Alliance for Innovation (EAI)
series EAI Endorsed Transactions on Security and Safety
issn 2032-9393
publishDate 2020-06-01
description It is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, soautomatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions eithercannot automatically extract the characteristics of the vulnerable codes or cannot select different algorithms according todifferent codes, which results in low detection accuracy. In this paper, we consider the identification of vulnerable codeclone as a code recognition task and propose a method named Vul-Mirror based on a few-shot learning model fordiscovering clone vulnerable codes. It can not only automatically extract features of vulnerabilities, but also use thenetwork to measure similarity. The results of experiments on open-source projects of five operating systems show that theaccuracy of Vul-Mirror is 95.7%, and its performance is better than the state-of-the-art methods.
topic vulnerability
few-shot learning
code clone
distance-metric
url https://eudl.eu/pdf/10.4108/eai.13-7-2018.165275
work_keys_str_mv AT yuanhe vulmirrorafewshotlearningmethodfordiscoveringvulnerablecodeclone
AT wenjiewang vulmirrorafewshotlearningmethodfordiscoveringvulnerablecodeclone
AT hongyusun vulmirrorafewshotlearningmethodfordiscoveringvulnerablecodeclone
AT yuqingzhang vulmirrorafewshotlearningmethodfordiscoveringvulnerablecodeclone
_version_ 1724662087736623104

Similar Items