基于上下文特征融合的代码漏洞检测方法

针对现有代码漏洞检测方法误报率和漏报率较高的问题，提出基于上下文特征融合的代码漏洞检测方法. 该方法将代码特征解耦分为代码块局部特征和上下文全局特征. 代码块局部特征关注代码块中关键词的语义及其短距离依赖关系. 将局部特征融合得到上下文全局特征从而捕捉代码行上下文长距离依赖关系. 该方法通过局部信息与全局信息协同学习，提升了模型的特征学习能力. 模型精确地挖掘出代码漏洞的编程模式，增加了代码漏洞对比映射模块，拉大了正负样本在嵌入空间中的距离，促使对正负样本进行准确地区分. 实验结果表明，在9个软件源代码混合的真实数据集上的精确率最大提升了29%，召回率最大提升了16%.

Code vulnerability detection method based on contextual feature fusion

A code vulnerability detection method based on contextual feature fusion was proposed in the view of high false positive rate and the high false negative rate of existing code vulnerability detection methods. The code features were decoupled into code block local features and context global features. The code block local features focused on the semantics of key tokens and short distance dependencies. The context global features were obtained by fusing code block local features to capture long-distance dependencies of code line context. The feature learning ability of the model was improved by collaborating the learning of local and global information. The programming mode of code vulnerabilities was discovered more accurately. A code vulnerability comparison mapping module was introduced to widen the distance between positive and negative samples in embedded space. The model can accurately distinguish between positive and negative samples. The experimental results show that the precision rate is improved by a maximum of 29% and the recall rate is improved by a maximum of 16% on the real data set mixed with 9 software source code.