Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2019-01-28 Cooperative journals: 《计算机应用研究》
Abstract: In recent years, open source software has frequently exposed high-risk vulnerabilities, posing a huge threat to the security of enterprise information system. Aiming at the open source software vulnerability, this paper proposed a software source code vulnerability detection method based on deep clustering algorithm. This method uses code graph model to construct the code attribute map and traverses the key code nodes to extract the application programming interfaces (API) sequence, then takes the key sequence as the center to cluster and calculates the outliers of the function in each clustering to generate a test report, matches the vulnerability library to detect vulnerabilities in the source code. The experimental results show that the proposed method can locate the key code segments of the vulnerability in open source software and detect the vulnerability.