
Research On Key Technologies Of Software Measurement

Posted on: 2021-06-28
Degree: Master
Type: Thesis
Country: China
Candidate: Y Zhang
GTID: 2518306050469094
Subject: Information security

Abstract/Summary:
Since the start of the 21st century, Internet technology has developed rapidly and computers have been fully integrated into all aspects of people's lives. With people's increasing material and cultural needs, software, as the soul of computer systems, has become more diverse, larger in scale and more complex in architecture. At the same time, the security problems caused by poor software quality are becoming more and more serious. Reliable software has become the standard for software development. Software measurement has always been an effective means of ensuring software quality in the field of software engineering. It mainly measures software from the perspective of complexity, reliability, maintainability, etc. However, most current software measurement research considers a relatively single measurement dimension, and a single feature can no longer meet people's needs for software. Therefore, in order to discover problems in software earlier, this paper focuses on measuring the security risk of software along three dimensions related to software security: software complexity, software maliciousness and software vulnerabilities. The main achievements of this paper are as follows:

(1) Existing software complexity measurement methods use indicators that are not comprehensive enough to measure the complexity of a program. This paper proposes an improved object-oriented software complexity measurement method, ECB. The method takes into account factors that increase complexity, such as multiple inheritance, polymorphism and function calls, and the Weyuker attributes, widely used indicators for complexity measurement, are used as evaluation indicators. The experimental results show that ECB describes the complexity of a program more accurately than the measurement scheme before improvement, and that it also meets 9 Weyuker attributes.

(2) In current research on image-based software maliciousness detection, when a sample contains too much interference information, the texture characteristics of the image change greatly, resulting in a decrease in accuracy. This paper proposes an image-based fine-grained software maliciousness measurement model called Image-FGDM. The model not only extracts global features from the grayscale image converted from the binary program, but also extracts local features from the code and data segments that best represent the behavior of the software, to overcome the influence of interference factors. Finally, the global features and the local features are combined to measure more accurately. Experimental results show that the model is superior to the comparison scheme and can identify malicious software with an accuracy of up to 97.41%.

(3) Most existing research on source code-based software vulnerability detection works at the program level, with larger granularity, and there is less research on the extraction of program semantics. In response to these shortcomings, this paper proposes a deep learning-based vulnerability detection model called SAT-BLSTM. The model obtains code fragments containing vulnerabilities through program slicing, converts them into vectors using word embedding, and finally inputs them into a BLSTM neural network with an Attention mechanism for learning and classification. The model was verified on 166615 samples and compared with traditional deep learning network models; the results show that it can effectively detect vulnerabilities in software with an accuracy of 97.73%. In addition, by introducing the Attention mechanism, the model can better learn the semantic information contained in the code, and the accuracy of the model is improved by 2.95%.

Based on an in-depth investigation of the current status of software measurement research, this paper focuses on the three measurement dimensions related to software security (complexity, maliciousness and vulnerability risk) and proposes solutions to the deficiencies in the existing schemes for each of these dimensions. The improved complexity measurement scheme ECB describes the complexity of a program more accurately than the scheme before improvement and meets 9 Weyuker attributes. The proposed software maliciousness measurement scheme is 3.4% more accurate than the comparison scheme. The proposed software vulnerability risk measurement model SAT-BLSTM can effectively detect vulnerabilities in software with an accuracy of up to 97.73%. Together, these achieve multi-dimensional measurement of software security.
Keywords/Search Tags:Software Metrics, Software Complexity, Cognitive Weights, GIST Features, Program Slicing, Attention Mechanism