| 基于机器学习的软件脆弱性分析方法综述 |
| |
| 引用本文: | 况晓辉,刘强,李响,聂原平.基于机器学习的软件脆弱性分析方法综述[J].计算机工程与科学,2018,40(11):2000-2007. |
| |
| 作者姓名: | 况晓辉 刘强 李响 聂原平 |
| |
| 作者单位: | (1.军事科学院系统工程研究院信息系统安全技术国防科技重点实验室,北京 100101;
2.清华大学计算机科学与技术系,北京 100084) |
| |
| 摘 要: | 随着被披露脆弱性代码样本数量的不断增加和机器学习方法的广泛应用,基于机器学习的软件脆弱性分析逐渐成为信息安全领域的热点研究方向。首先,通过分析已有研究工作,提出了基于机器学习的软件脆弱性挖掘框架;然后,从程序分析角度对已有研究工作进行了分类综述;最后,对研究成果进行了对比分析,并分析了当前基于机器学习的脆弱性分析方法面临的挑战,展望了未来的发展方向。
|
| 关 键 词: | 软件脆弱性分析 机器学习 综述 |
| 收稿时间: | 2018-03-12 |
| 修稿时间: | 2018-11-25 |
Survey on software vulnerability analysis
based on machine learning |
| |
| KUANG Xiao hui,LIU Qiang,LI Xiang,NIE Yuan ping.Survey on software vulnerability analysis
based on machine learning[J].Computer Engineering & Science,2018,40(11):2000-2007. |
| |
| Authors: | KUANG Xiao hui LIU Qiang LI Xiang NIE Yuan ping |
| |
| Affiliation: | (1.National Key Laboratory of Science and Technology on Information System Security,
Institute of System and Engineering,Academy of Military Science,Beijing 100101;
2.Department of Computer Science and Technology,Tsinghua University,Beijing 100084,China) |
| |
| Abstract: | As increasing reporting and disclosure of vulnerability code samples and extensive applications of machine learning methods, software vulnerability analysis methods based on machine learning have become a hot research direction in information security. After analysis of existing research work, we propose a software vulnerability analysis framework based on machine learning. We then review and classify existing machine learning based vulnerability methods, and conduct comparative analysis. We briefly analyze the challenges for machine learning based software vulnerability analysis methods, and discuss future research trends. |
| |
| Keywords: | software vulnerability analysis machine learning survey |
|
| 点击此处可从《计算机工程与科学》浏览原始摘要信息 |
|
点击此处可从《计算机工程与科学》下载全文 |
