EAI Endorsed Transactions on Security and Safety (Jun 2020)

Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone

  • Yuan He,
  • Wenjie Wang,
  • Hongyu Sun,
  • Yuqing Zhang

DOI
https://doi.org/10.4108/eai.13-7-2018.165275
Journal volume & issue
Vol. 7, no. 23

Abstract

Read online

It is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, soautomatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions eithercannot automatically extract the characteristics of the vulnerable codes or cannot select different algorithms according todifferent codes, which results in low detection accuracy. In this paper, we consider the identification of vulnerable codeclone as a code recognition task and propose a method named Vul-Mirror based on a few-shot learning model fordiscovering clone vulnerable codes. It can not only automatically extract features of vulnerabilities, but also use thenetwork to measure similarity. The results of experiments on open-source projects of five operating systems show that theaccuracy of Vul-Mirror is 95.7%, and its performance is better than the state-of-the-art methods.

Keywords