Zihua Song scite author profile

Zihua Song

4Publications

8Citation Statements Received

71Citation Statements Given

How they've been cited

How they cite others

109

Affiliations

Sichuan University, Guizhou University

Publications

Order By: Most citations

HGVul: A Code Vulnerability Detection Method Based on Heterogeneous Source-Level Intermediate Representation

Song

Wang

Liu³

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Vulnerability detection on source code can prevent the risk of cyber-attacks as early as possible. However, lacking fine-grained analysis of the code has rendered the existing solutions still suffering from low performance; besides, the explosive growth of open-source projects has dramatically increased the complexity and diversity of the source code. This paper presents HGVul, a code vulnerability detection method based on heterogeneous intermediate representation of source code. The key of the proposed method is the fine-grained handling on heterogeneous source-level intermediate representation (SIR) without expert knowledge. It first extracts graph SIR of code with multiple syntactic-semantic information. Then, HGVul splits the SIR into different subgraphs according to various semantic relations, which are used to obtain semantic information conveyed by different types of edges. Next, a graph neural network with attention operations is deployed on each subgraph to learn representation, which captures the subtle effects from node neighbors on their representation. Finally, the learned code feature representations are utilized to perform vulnerability detection. Experiments are conducted on multiple datasets. The F1 of HGVul reaches 96.1% on the sample-balanced Big-Vul-VP dataset and 88.3% on the unbalanced Big-Vul dataset. Further experiments on actual open-source project datasets prove the better performance of HGVul.

show abstract

Enhancing software modularization via semantic outliers filtration and label propagation

Yang

Wang

Fang

et al. 2022

Information and Software Technology

View full text Add to dashboard Cite

Learning a holistic and comprehensive code representation for code summarization

Yang

Wang

Song

2023

Journal of Systems and Software

View full text Add to dashboard Cite

PRATD: A Phased Remote Access Trojan Detection Method with Double-Sided Features

et al. 2020

View full text Add to dashboard Cite

Remote Access Trojan (RAT) is one of the most terrible security threats that organizations face today. At present, two major RAT detection methods are host-based and network-based detection methods. To complement one another’s strengths, this article proposes a phased RATs detection method by combining double-side features (PRATD). In PRATD, both host-side and network-side features are combined to build detection models, which is conducive to distinguishing the RATs from benign programs because that the RATs not only generate traffic on the network but also leave traces on the host at run time. Besides, PRATD trains two different detection models for the two runtime states of RATs for improving the True Positive Rate (TPR). The experiments on the network and host records collected from five kinds of benign programs and 20 famous RATs show that PRATD can effectively detect RATs, it can achieve a TPR as high as 93.609% with a False Positive Rate (FPR) as low as 0.407% for the known RATs, a TPR 81.928% and FPR 0.185% for the unknown RATs, which suggests it is a competitive candidate for RAT detection.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Zihua Song

HGVul: A Code Vulnerability Detection Method Based on Heterogeneous Source-Level Intermediate Representation

Enhancing software modularization via semantic outliers filtration and label propagation

Learning a holistic and comprehensive code representation for code summarization

PRATD: A Phased Remote Access Trojan Detection Method with Double-Sided Features

Contact Info

Product

Resources

About