1 Introduction
2 Related works
3 Proposed method
3.1 Framework of V-CNN automatic detection model
3.2 Definition of V-CNN-based automatic vulnerability detection method
-
Preprocessing procedure: Generate the training dataset. The final dataset is created by processing the source data, handling outliers, duplicates, and missing values, and optimizing the coding.
-
Learning model: The dataset is vectorized and normalized to improve the learning performance of the model. In addition, learning models are created and optimized by adjusting weights, dataset proportions, loss functions, and analyzing optimizer relationships.
-
Correct detection rate and false positive rate: This is measured by automatically detecting CVE/CWE after the V-CNN model has completed learning. The performance of the algorithm is validated by comparison with the Random Forest algorithm.
3.2.1 Data collection and preprocessing
3.2.2 V-CNN model learning
-
Case (1) Adagrad + MSE
-
Case (2) Adagrad + MAE
-
Case (3) SGD + MSE
-
Case (4) SGD + MAE
-
Case (5) Adam + MSE
-
Case (6) Adam + MAE
3.3 CWE code redefinition and detection based on vulnerability
3.3.1 CWE code redefinition
Explanation | CWE list | Detected code number |
---|---|---|
Cross-site Scripts(XSS) | 79 | 152 |
Bypass | 20, 200, 254, 255, 264, 286, 287, 352 | 60 |
CFSR | 352 | 14 |
Dir. Trav. | 22 | 23 |
Dos, Dos Overflow, Dos Exec | 16, 17, 18, 19, 20, 59, 119, 125, 189, 264, 310, 362, 399, 415, 476 | 387 |
ExecCode | 17, 19, 20, 22, 77, 78, 79, 89, 94, 119, 264 | 101 |
Http R.Sql. | 94, 352 | 3 |
Overflow | 119, 189, 264 | 20 |
Sql | 89 | 1 |
ID | Explanation | CWE Redefinition |
---|---|---|
CWE-20 | Improper Input Validation | Remote address spoofing vulnerability |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Memory reference error in Complete Enumeration Parallel Program |
CWE-125 | Out-of-bounds Read | Input error |
CWE-190 | Integer Overflow or Wraparound | Integer overflow |
CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor | Local path vulnerability |
CWE-399 | Resource Management Errors | Resource allocation processing error |
CWE-416 | Use After Free | Orphan fragmentation error |
3.3.2 Automatic detection and results
4 Results and discussion
4.1 Data source
CVE-ID | CVE Page | CWE-ID | Complexity | Confidentiality | Score |
---|---|---|---|---|---|
CVE-2022-23307 | CWE-502 | Low | None | 10 | |
CVE-2022-23227 | CWE-306 | Low | None | 10 | |
CVE-2022-23221 | CWE-94 | Low | None | 10 | |
CVE-2022-23178 | CWE-287 | Low | Partial | 10 | |
CVE-2022-23118 | CWE-269 | Low | Complete | 9 | |
CVE-2022-23009 | CWE-863 | Low | Complete | 9 | |
CVE-2022-22704 | CWE-269 | High | None | 10 |