Static detection method for multi-level network source code vulnerabilities based on knowledge graph technology
Guardado en:
| Publicado en: | Discover Artificial Intelligence vol. 5, no. 1 (Dec 2025), p. 120 |
|---|---|
| Autor principal: | |
| Otros Autores: | , , |
| Publicado: |
Springer Nature B.V.
|
| Materias: | |
| Acceso en línea: | Citation/Abstract Full Text Full Text - PDF |
| Etiquetas: |
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| Resumen: | The current static detection method of network source code vulnerabilities mainly relies on the static analysis of binary code. However, due to the failure to fully simulate the actual operating environment of programs, some vulnerabilities that trigger only under specific conditions are difficult to be found by static detection tools. This limitation increases the difficulty of static analysis. Therefore, a static detection method for multilevel network source code vulnerability based on knowledge graph technology is proposed. Web crawler technology is selected to collect and preprocess vulnerability data to avoid interference from network environment and malicious programs, which leads to redundancy and abnormal vulnerability data. By introducing knowledge graph information and combining word embedding with knowledge embedding, named entities are automatically identified from the preprocessed vulnerability data set. While adopting the joint embedding technology, we can integrate the word embedding and knowledge embedding more effectively, introducing an attention mechanism to enhance the weight of key information. Improve the effectiveness of the named entity identification. The identified named entities are taken as the basic nodes in the knowledge graph to build the multi-level network source code vulnerability knowledge graph, calculate the vulnerability attack error and attack loss, and quantitatively evaluate the accuracy of detection and the potential harm of vulnerabilities. The experimental results show that the proposed method can accurately detect the identification of named entities and vulnerabilities, and has certain positive significance to ensure the network security. |
|---|---|
| ISSN: | 2731-0809 |
| DOI: | 10.1007/s44163-025-00347-0 |
| Fuente: | Research Library |