| Today,the harm of computer program vulnerabilities can not be underestimated,and the growth rate of computer program vulnerabilities is also slowly increasing.Based on this,many computer vulnerability detection technologies have been developed.LLVM technology itself has good scalability and efficient compilation speed,so vulnerability detection based on LLVM can make a breakthrough in language support and detection efficiency.The three key techniques used in this method are program slicing,Clang abstract syntax tree(AST)and BGRU(Bidirectional Gated Recurrent Unitneural)network model.Firstly,the abstract syntax tree is constructed for vulnerability code,and all information about the defined "program focus" is obtained on the basis of AST.which include pointer,array,expression and library API in the code.Afterwards,program slices are made on the level of LLVM interlanguage to get the focus slices.After obtaining the slices,the vulnerability labels are added to the slices according to the existing vulnerability information to represent the corresponding intermediate language code at the level of LLVM.Finally,the labeled interlanguage slices are input into the BGRU deep learning model for training to detect program vulnerabilities in unknown code.After a lot of data training tests,the false positive and false negative rate of LLVM-based vulnerability detection method proposed in this paper are very low,and the accuracy and evaluation rate of the system are very high.In a word,by comparing several other vulnerability detection methods and test results at present,the vulnerability detection method in this paper is very effective. |
