Academic Paper

Vulnerability Feature Extraction Model for Source Code Based on Deep Learning
Document Type
Conference
Source
2021 International Conference on Computer Network, Electronic and Automation (ICCNEA). :21-25 Sep, 2021
Subject
Computing and Processing
Measurement
Deep learning
Industries
Codes
Machine learning algorithms
Focusing
Transforms
Vulnerability Detection
Code Metric
Feature Extraction
Deep Learning
Language
Abstract
Despite the work done by academia and industry in the area of vulnerability detection, the number of vulnerabilities reported each year is still growing rapidly. Today, mainstream vulnerability detection methods mainly transform source code into an intermediate representation and then analyze it with machine learning or deep learning algorithms, but the problem of high false-positive and false-negative rates is difficult to solve. This is mainly because the intermediate representation does not reflect the characteristics of the vulnerabilities well. In this paper, we propose a convolutional neural network-based feature extraction model. Features are extracted from such intermediate representations of code metrics and used as input to a deep learning model for vulnerability detection. In experiments against other vulnerability detection methods under the same benchmark, our proposed model shows improvement in all evaluation metrics, with Precision and Recall reaching close to 80%, and False Positive Rate and False Negative Rate decreasing to close to 20%. Finally, we analyze the proposed method and discuss how it should be improved in the future.