一种基于改进差分进化算法的源码漏洞 检测模型的冷启动方法.

As an important research topic, source code vulnerability detection has many problems in its traditional methods, such as high manual participation, weak detection ability of unknown vulnerabilities. Aiming at the above problems, based on the syntactic and semantic information of open source code and improved differential evolution algorithm, this paper proposed a cold start optimization method for source code vulnerability detection model. This paper used source code slicing technology, heuristic optimization algorithms and neural network models, which solved the problem that the hyperparameters couldn’t be correctly selected at the beginning of the vulnerability detection model. For the case of sample information redundancy and mixture of positive and negative sample distinctive features in the experiment, it proposed an idea of cross-exclusion of positive and negative sample distinctive features to reduce the false negative rate and false positive rate of the model. Experiments show that this method can effectively accelerate the convergence of the model, and making the model stable within 10 epochs. While improving the accuracy of the source code vulnerability detection model, its convergence speed is 2～3 times higher than other models. In the subsequent improvement experiments, the source code vulnerability detection model has improved the accuracy of each type of vulnerability by 1～3 percentage points, which fully proves the effectiveness of the improvement measures. The optimization strategies and improvement measures of this method are also applicable to other neural network classification models, and it can provide ideas for exploring new methods and models in the field of vulnerability detection. [ABSTRACT FROM AUTHOR]