Embedding Source Code to Image for Defect Analysis
Source code analysis can predict defective code regions,help developers to fix bugs and prioritize test overhead.Learning based methods fail to achieve promising performance on cross-file and cross-project tasks.Meanwhile,existing code review software works seriously depend on specific compiler or virtual compiler.If source code cannot be compiled the tools do not work.We first propose to extract function blocks from abstract syntax trees,embed them to code image and construct convolutional neural networks to learn embedded images deep,which produce some categorical models for source code defect classification.We have evaluated the proposed methodology on some experiments to analysis memory related defects in snippets function by function.Experimental results showed without compiling source code it is analyze some and find historical code defect such as CVE-2018-0732,CVE-2018-0737 and CVE-2018-0739.
static code analysis embedded images convolutional neural networks function level cross file cross projects
Xiaomeng Wang Wei Xin Jiajie Wang
China Information Technology Security Evaluation Center,Beijing 100085,China
国际会议
重庆
英文
247-250
2019-05-30(万方平台首次上网日期,不代表论文的发表时间)