An Intelligent Software Vulnerability Detection Method Based on Co-training

CHENG Jianxin; WANG Shuanqi; XIE Wandong; LIU Zhao; YU Hang

doi:10.12382/bgxb.2025.0951

您当前的位置：

首页 >

文章列表页 >

An Intelligent Software Vulnerability Detection Method Based on Co-training

更新时间：2026-02-10

- An Intelligent Software Vulnerability Detection Method Based on Co-training
- Acta Armamentarii (2026)
- 作者机构：
  
  中国兵器工业信息中心,北京,100089
- 作者简介：
- 基金信息：
- DOI：10.12382/bgxb.2025.0951
  CLC： TP311
- Received：24 October 2025，
  
  Online First：10 February 2026，
- 稿件说明：
移动端阅览
程建新，王栓奇，谢晚冬，等. 基于协同训练的智能软件漏洞检测方法[J/OL]. 兵工学报, 2026(2026-02-10). https://doi.org/10.12382/bgxb.2025.0951.

CHENG J N, WANG S N, XIE W N, et al. An intelligent software vulnerability detection method based on co-training cheng jianxin*, wang shuanqi, xie wandong, liu zhao, yu hang[J/OL]. Acta Armamentarii, 2026(2026-02-10). https://doi.org/10.12382/bgxb.2025.0951. (in Chinese)
程建新，王栓奇，谢晚冬，等. 基于协同训练的智能软件漏洞检测方法[J/OL]. 兵工学报, 2026(2026-02-10). https://doi.org/10.12382/bgxb.2025.0951. DOI：

CHENG J N, WANG S N, XIE W N, et al. An intelligent software vulnerability detection method based on co-training cheng jianxin*, wang shuanqi, xie wandong, liu zhao, yu hang[J/OL]. Acta Armamentarii, 2026(2026-02-10). https://doi.org/10.12382/bgxb.2025.0951. (in Chinese) DOI：

摘要

智能软件漏洞检测是保障智能化无人军事装备安全的关键环节。现有基于深度学习的软件漏洞检测方法难以在存在噪声标签的训练样本中学习高质量的代码特征表示，从而输出错误的漏洞检测结果。提出一种基于协同训练的智能软件漏洞检测方法，通过两种不同类型的标签识别策略，识别并修复训练数据集中潜在的噪声标签。漏洞检测模型在修复后的训练集上进行协同训练，优化训练样本的标签质量，最终提高智能软件漏洞检测的表现。在3个广泛使用的软件漏洞数据集上的实验结果表明，新方法在不同噪声标签环境下的表现均领先于6种鲁棒的漏洞检测方法，可有效确保智能化无人装备的软件安全性。

Abstract

Vulnerability detection in intelligent software plays a critical role in ensuring the security of intelligent unmanned military equipment.However

theexisting deep learning-basedsoftwarevulnerability detection methodsare difficultto learn high-quality code feature representations from training samples with noisy labels

leading to erroneous vulnerability detection outcomes.This paper proposes anintelligent software vulnerability detection method based on the co-training mechanism.Itemploystwo types oflabel identification strategies to detect andrepair thepotential noisy labels in the training dataset.Thevulnerability detection modelsare collaborativelytrainedon therepaireddataset to optimize the labelquality of training samples

ultimately enhancing the performance of intelligent software vulnerability detection. Experimental results onthreewidely-usedsoftwarevulnerability datasetsshowthat theproposedmethodoutperformssixrobust vulnerability detectionapproachesinvulnerability detection across various noisy labelsettings

and

effectively ensuresthe software security of intelligent unmanned equipment.

关键词

Keywords

references

叶仕俊, 张鹏程, 吉顺慧, 等. 人工智能软件系统的非功能属性及其质量保障方法综述[J]. 软件学报, 2023, 34(1): 103-129.

YE S J, ZHANG P C, JI S H, et al. Survey on non-functional attributes for AI-enabled software systems and quality assurance methods[J]. Journal of Software, 2023, 34(1): 103-129. (in Chinese)

赵晓冬, 张洵颖. 基于YOLOv5的无人车自主目标识别优化算法[J]. 兵工学报, 2023, 44(9): 2732-2744.

ZHAO X D, ZHANG X Y. Optimization algorithm of autonomous target recognition for unmanned vehicles based on YOLOv5[J]. Acta Armamentarii, 2023, 44(9): 2732-2744.(in Chinese)

赵海丽, 许修常, 潘宇航. 基于改进YOLOv7-tiny的车辆目标检测算法[J]. 兵工学报, 2025, 46(4): 103-113.

ZHAO H L, XU X C, PAN Y H. Vehicle target detection algorithm based on improved YOLOv7-tiny[J]. Acta Armamentarii, 2025, 46(4): 103-113. (in Chinese)

郭一鸣, 童一飞, 何非, 等. 基于多通道数据双层增强的样本不平衡故障诊断方法[J]. 兵工学报, 2025, 46(2): 289-302.

GUO Y M, TONG Y F, HE F, et al. Sample imbalanced fault diagnosis method based on multi-channel data double augmentation[J]. Acta Armamentarii, 2025, 46(2): 289-302. (in Chinese)

LIU Z G, QIAN P, WANG X, et al. Smart contract vulnerability detection: from pure neural network to interpretable graph feature and expert pattern fusion:arXiv:2106.09282[R].Ithaca,NY,US:Cornell University, 2021: 2106.09282.

ZHANG Z, LEI Y, YAN M, et al. Reentrancy vulnerability detection and localization: a deep learning based two-phase approach[C]//Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering. Washington，D.C.,US:IEEE, 2022: 1-13.

WANG D J, CHEN J F, CAI S H, et al. SCVD-SA: a smart contract vulnerability detection method based on hybrid deep learning model and self-attention mechanism[C]//Proceedings of the 31st IEEE International Conference on Software Analysis, Evolution and Reengineering. Washington，D.C.,US:IEEE, 2024: 207-214.

SHEN Y M, LI K H, MAO L, et al. IntelliCon: confidence-based approach for fine-grained vulnerability analysis in smart contracts[C]//Proceedings of the 5th International Conference on Blockchain and Trustworthy Systems.Berlin, Germany：Springer, 2023: 45-59.

LI Z, PAN M X, PEI Y, et al. Robust learning of deep predictive models from noisy and imbalanced software engineering datasets[C]//Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering. New York, N.Y., US: ACM, 2022: 1-13.

WEN X C, WANG X C, GAO C Y, et al. When less is enough: positive and unlabeled learning model for vulnerability detection[C]//Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering. Luxembourg, Luxembourg:IEEE, 2023: 345-357.

NIE X, LI N K, WANG K L, et al. Understanding and tackling label errors in deep learning-based vulnerability detection (Experience paper)[C]//Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. New York, N.Y., US: ACM, 2023: 52-63.

XU J Y, LI Y J, DENG R H. Differential training: a generic framework to reduce label noises for Android malware detection[C]//Proceedings of the 28th Conference on Network and Distributed System Security Symposium. San Diego, CA, USA; Internet Society, 2021: 1-14.

HAN B, YAO Q M, YU X R, et al. Co-teaching: robust training of deep neural networks with extremely noisy labels:arXiv:1804.06872[R].Ithaca,NY,US:Cornell University, 2018: 1804.06872.

YU X R, HAN B, YAO J C, et al. How does disagreement help generalization against label corruption?: arXiv:1901.04215[R].Ithaca,NY,US:Cornell University, 2019: 1901.04215.

VASWANI A, SHAZEER N, PARMAR N, et al. Attention is all you need:arXiv:1706.03762 [R].Ithaca,NY,US:Cornell University, 2017: 1706.03762.

PENNINGTON J, SOCHER R, MANNING C. Glove: global vectors for word representation[C]//Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing. Doha, Qatar; Association for Computational Linguistics, 2014: 1532-1543.

LI Z X, LU S Q, ZHANG R, et al. VulHunter: hunting vulnerable smart contracts at EVM bytecode-level via multiple instance learning[J]. IEEE Transactions on Software Engineering, 2023, 49(11): 4886-4916.

FEIST J, GRIECO G, GROCE A. Slither: a static analysis framework for smart contracts:arXiv:1908.09878v1 [R].Ithaca,NY,US:Cornell University,2019: 1908.09878v1 .

ZHU H J, YANG K X, WANG L M, et al. GraBit: a sequential model-based framework for smart contract vulnerability detection[C]//Proceedings of the 34th IEEE International Symposium on Software Reliability Engineering. Florence, Italy:IEEE, 2023: 568-577.

LI M L, REN X X, FU H, et al. ConvMHSA-SCVD: enhancing smart contract vulnerability detection through a knowledge-driven and data-driven framework[C]// Proceedings of the 34th IEEE International Symposium on Software Reliability Engineering. Florence, Italy:IEEE, 2023: 578-589.

YU X X, ZHAO H Y, HOU B T, et al. DeeSCVHunter: a deep learning-based framework for smart contract vulnerability detection[C]//Proceedings of the 31st International Joint Conference on Neural Networks. Shenzhen, China:IEEE, 2021: 1-8.

JIE W Q, CHEN Q, WANG J Q, et al. A novel extended multimodal AI framework towards vulnerability detection in smart contracts[J]. Information Sciences, 2023, 636: 118907.

TORRES C F, IANNILLO A K, GERVAIS A, et al. ConFuzzius: a data dependency-aware hybrid fuzzer for smart contracts:arXiv:2005.12156 [R].Ithaca,NY,US:Cornell University, 2020: 2005.12156.

NGUYEN T D, PHAM L H, SUN J, et al. SFuzz: an efficient adaptive fuzzer for solidity smart contracts: arXiv:2004.08563[R].Ithaca,NY,US:Cornell University, 2020: 2004.08563 .

ZHOU Y Q, LIU S Q, SIOW J K, et al. Devign: effective vulnerability identification by learning comprehensive program semantics via graph neural networks:arXiv:1909.03496[R].Ithaca,NY,US:Cornell University, 2019: 1909.03496.

Views

下载量

CNKI被引量

Alert me when the article has been cited

提交

Tools

Publicity Resources

Prediction of Exterior Ballistics and Impact Point of Mortar Based on Transformer-LSTM Hybrid Neural Network

A Radar Signal Modulation Recognition Method Based on Multi-scale Dual Attention Network

Research on Infrared Target Detection and Tracking in Dark Environments

A Method for Detecting the Camouflaged Small Target in Complex Scene Using Airborne Polarization Remote Sensing

Joint State Equality Constraint Identification and Recursive Filtering Based on Deep Learning

Related Author

Shouhuai YANG

Jiangliu HUANG

Zhihua CHEN

Zhengui HUANG

Mingyu WU

Rongxian QIU

Chun ZHENG

Renlong LIAO

Related Institution

School of Information and Communication Engineering, University of Electronic Science and Technology of China

Wuhan Maritime Communication Research Institute

School of Communication and Information Engineering, Chongqing University of Posts and Telecommunications

School of Mechanical Engineering, Beijing Institute of Technology

Postal code：100089
Tel：010-68963060/68962718 Fax：010-68963025 Email：bgxb@cos.org.cn
Technical support is provided by Beijing Founder electronics co., LTD 京ICP备05059581号-4 京公网安备11010802024360号
It is recommended to read the content of this site in Chrome&IE9+. Please switch to extreme mode in browser 360.
Cookies We use cookies to help provide and enhance our service and tailor content. By continuing, you agree to the use of cookies.
Total Visits：49802 Visits Today：599

⁰