Title: A rapid vulnerability identification of open source software based on a two-way long-short-term memory network
Authors: Yong Bai; Lijuan Liu; Qingbo Huang; Jiehai Deng
Addresses: School of Artificial Intelligence, Neijiang Normal University, Neijiang, 641112, China; School of Artificial Intelligence, Neijiang Normal University, Neijiang, 641112, China; Basic Teaching Department of Chongqing College of Architecture and Technology, Chongqing, 401331, China; Shanxi College of Traditional Chinese Medicine, Fuzhou, 344000, China
Abstract: In order to improve the accuracy and efficiency of vulnerability identification, a rapid vulnerability identification method for open source software based on a two-way long-short-term memory network was designed. Firstly, the vulnerability trigger file is analysed based on the description of open source software vulnerability reporting problems. Secondly, mining technology is used to describe the difference between normal behaviour and vulnerability behaviour of open source software, and to determine the vulnerability characteristics of open source software. Finally, a bidirectional long-short-term memory (LSTM) network is designed based on the conventional LSTM and combined with the attention mechanism to build a new open source software vulnerability identification framework, and the bidirectional LSTM is used to achieve the rapid identification of open source software vulnerabilities. Experiments show that the maximum average accuracy of vulnerability identification of open source software by this method can reach 97.4%, and the maximum response time is only 4386 ms.
Keywords: open source software; vulnerability analysis; vulnerability characteristics; two-way long-short-term memory network; attention layer.
DOI: 10.1504/IJCSM.2024.142731
International Journal of Computing Science and Mathematics, 2024 Vol.20 No.3, pp.243 - 258
Received: 13 Dec 2023
Accepted: 05 Jul 2024
Published online: 19 Nov 2024