基于协同训练的智能软件漏洞检测方法

程建新; 王栓奇; 谢晚冬; 刘钊; 宇航

doi:10.12382/bgxb.2025.0951

您当前的位置：

首页 >

文章列表页 >

基于协同训练的智能软件漏洞检测方法

更新时间：2026-02-10

- 基于协同训练的智能软件漏洞检测方法
- An Intelligent Software Vulnerability Detection Method Based on Co-training
- 兵工学报 2026年
- 作者机构：
  
  中国兵器工业信息中心,北京,100089
- 作者简介：
- 基金信息：
- DOI：10.12382/bgxb.2025.0951
  中图分类号： TP311
- 收稿：2025-10-24，
  
  网络首发：2026-02-10，
- 稿件说明：
移动端阅览
程建新，王栓奇，谢晚冬，等. 基于协同训练的智能软件漏洞检测方法[J/OL]. 兵工学报, 2026(2026-02-10). https://doi.org/10.12382/bgxb.2025.0951.

CHENG J N, WANG S N, XIE W N, et al. An intelligent software vulnerability detection method based on co-training cheng jianxin*, wang shuanqi, xie wandong, liu zhao, yu hang[J/OL]. Acta Armamentarii, 2026(2026-02-10). https://doi.org/10.12382/bgxb.2025.0951. (in Chinese)
程建新，王栓奇，谢晚冬，等. 基于协同训练的智能软件漏洞检测方法[J/OL]. 兵工学报, 2026(2026-02-10). https://doi.org/10.12382/bgxb.2025.0951. DOI：

CHENG J N, WANG S N, XIE W N, et al. An intelligent software vulnerability detection method based on co-training cheng jianxin*, wang shuanqi, xie wandong, liu zhao, yu hang[J/OL]. Acta Armamentarii, 2026(2026-02-10). https://doi.org/10.12382/bgxb.2025.0951. (in Chinese) DOI：

摘要

智能软件漏洞检测是保障智能化无人军事装备安全的关键环节。现有基于深度学习的软件漏洞检测方法难以在存在噪声标签的训练样本中学习高质量的代码特征表示，从而输出错误的漏洞检测结果。提出一种基于协同训练的智能软件漏洞检测方法，通过两种不同类型的标签识别策略，识别并修复训练数据集中潜在的噪声标签。漏洞检测模型在修复后的训练集上进行协同训练，优化训练样本的标签质量，最终提高智能软件漏洞检测的表现。在3个广泛使用的软件漏洞数据集上的实验结果表明，新方法在不同噪声标签环境下的表现均领先于6种鲁棒的漏洞检测方法，可有效确保智能化无人装备的软件安全性。

Abstract

Vulnerability detection in intelligent software plays a critical role in ensuring the security of intelligent unmanned military equipment.However

theexisting deep learning-basedsoftwarevulnerability detection methodsare difficultto learn high-quality code feature representations from training samples with noisy labels

leading to erroneous vulnerability detection outcomes.This paper proposes anintelligent software vulnerability detection method based on the co-training mechanism.Itemploystwo types oflabel identification strategies to detect andrepair thepotential noisy labels in the training dataset.Thevulnerability detection modelsare collaborativelytrainedon therepaireddataset to optimize the labelquality of training samples

ultimately enhancing the performance of intelligent software vulnerability detection. Experimental results onthreewidely-usedsoftwarevulnerability datasetsshowthat theproposedmethodoutperformssixrobust vulnerability detectionapproachesinvulnerability detection across various noisy labelsettings

and

effectively ensuresthe software security of intelligent unmanned equipment.

关键词

Keywords

references

叶仕俊, 张鹏程, 吉顺慧, 等. 人工智能软件系统的非功能属性及其质量保障方法综述[J]. 软件学报, 2023, 34(1): 103-129.

YE S J, ZHANG P C, JI S H, et al. Survey on non-functional attributes for AI-enabled software systems and quality assurance methods[J]. Journal of Software, 2023, 34(1): 103-129. (in Chinese)

赵晓冬, 张洵颖. 基于YOLOv5的无人车自主目标识别优化算法[J]. 兵工学报, 2023, 44(9): 2732-2744.

ZHAO X D, ZHANG X Y. Optimization algorithm of autonomous target recognition for unmanned vehicles based on YOLOv5[J]. Acta Armamentarii, 2023, 44(9): 2732-2744.(in Chinese)

赵海丽, 许修常, 潘宇航. 基于改进YOLOv7-tiny的车辆目标检测算法[J]. 兵工学报, 2025, 46(4): 103-113.

ZHAO H L, XU X C, PAN Y H. Vehicle target detection algorithm based on improved YOLOv7-tiny[J]. Acta Armamentarii, 2025, 46(4): 103-113. (in Chinese)

郭一鸣, 童一飞, 何非, 等. 基于多通道数据双层增强的样本不平衡故障诊断方法[J]. 兵工学报, 2025, 46(2): 289-302.

GUO Y M, TONG Y F, HE F, et al. Sample imbalanced fault diagnosis method based on multi-channel data double augmentation[J]. Acta Armamentarii, 2025, 46(2): 289-302. (in Chinese)

LIU Z G, QIAN P, WANG X, et al. Smart contract vulnerability detection: from pure neural network to interpretable graph feature and expert pattern fusion:arXiv:2106.09282[R].Ithaca,NY,US:Cornell University, 2021: 2106.09282.

ZHANG Z, LEI Y, YAN M, et al. Reentrancy vulnerability detection and localization: a deep learning based two-phase approach[C]//Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering. Washington，D.C.,US:IEEE, 2022: 1-13.

WANG D J, CHEN J F, CAI S H, et al. SCVD-SA: a smart contract vulnerability detection method based on hybrid deep learning model and self-attention mechanism[C]//Proceedings of the 31st IEEE International Conference on Software Analysis, Evolution and Reengineering. Washington，D.C.,US:IEEE, 2024: 207-214.

SHEN Y M, LI K H, MAO L, et al. IntelliCon: confidence-based approach for fine-grained vulnerability analysis in smart contracts[C]//Proceedings of the 5th International Conference on Blockchain and Trustworthy Systems.Berlin, Germany：Springer, 2023: 45-59.

LI Z, PAN M X, PEI Y, et al. Robust learning of deep predictive models from noisy and imbalanced software engineering datasets[C]//Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering. New York, N.Y., US: ACM, 2022: 1-13.

WEN X C, WANG X C, GAO C Y, et al. When less is enough: positive and unlabeled learning model for vulnerability detection[C]//Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering. Luxembourg, Luxembourg:IEEE, 2023: 345-357.

NIE X, LI N K, WANG K L, et al. Understanding and tackling label errors in deep learning-based vulnerability detection (Experience paper)[C]//Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. New York, N.Y., US: ACM, 2023: 52-63.

XU J Y, LI Y J, DENG R H. Differential training: a generic framework to reduce label noises for Android malware detection[C]//Proceedings of the 28th Conference on Network and Distributed System Security Symposium. San Diego, CA, USA; Internet Society, 2021: 1-14.

HAN B, YAO Q M, YU X R, et al. Co-teaching: robust training of deep neural networks with extremely noisy labels:arXiv:1804.06872[R].Ithaca,NY,US:Cornell University, 2018: 1804.06872.

YU X R, HAN B, YAO J C, et al. How does disagreement help generalization against label corruption?: arXiv:1901.04215[R].Ithaca,NY,US:Cornell University, 2019: 1901.04215.

VASWANI A, SHAZEER N, PARMAR N, et al. Attention is all you need:arXiv:1706.03762 [R].Ithaca,NY,US:Cornell University, 2017: 1706.03762.

PENNINGTON J, SOCHER R, MANNING C. Glove: global vectors for word representation[C]//Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing. Doha, Qatar; Association for Computational Linguistics, 2014: 1532-1543.

LI Z X, LU S Q, ZHANG R, et al. VulHunter: hunting vulnerable smart contracts at EVM bytecode-level via multiple instance learning[J]. IEEE Transactions on Software Engineering, 2023, 49(11): 4886-4916.

FEIST J, GRIECO G, GROCE A. Slither: a static analysis framework for smart contracts:arXiv:1908.09878v1 [R].Ithaca,NY,US:Cornell University,2019: 1908.09878v1 .

ZHU H J, YANG K X, WANG L M, et al. GraBit: a sequential model-based framework for smart contract vulnerability detection[C]//Proceedings of the 34th IEEE International Symposium on Software Reliability Engineering. Florence, Italy:IEEE, 2023: 568-577.

LI M L, REN X X, FU H, et al. ConvMHSA-SCVD: enhancing smart contract vulnerability detection through a knowledge-driven and data-driven framework[C]// Proceedings of the 34th IEEE International Symposium on Software Reliability Engineering. Florence, Italy:IEEE, 2023: 578-589.

YU X X, ZHAO H Y, HOU B T, et al. DeeSCVHunter: a deep learning-based framework for smart contract vulnerability detection[C]//Proceedings of the 31st International Joint Conference on Neural Networks. Shenzhen, China:IEEE, 2021: 1-8.

JIE W Q, CHEN Q, WANG J Q, et al. A novel extended multimodal AI framework towards vulnerability detection in smart contracts[J]. Information Sciences, 2023, 636: 118907.

TORRES C F, IANNILLO A K, GERVAIS A, et al. ConFuzzius: a data dependency-aware hybrid fuzzer for smart contracts:arXiv:2005.12156 [R].Ithaca,NY,US:Cornell University, 2020: 2005.12156.

NGUYEN T D, PHAM L H, SUN J, et al. SFuzz: an efficient adaptive fuzzer for solidity smart contracts: arXiv:2004.08563[R].Ithaca,NY,US:Cornell University, 2020: 2004.08563 .

ZHOU Y Q, LIU S Q, SIOW J K, et al. Devign: effective vulnerability identification by learning comprehensive program semantics via graph neural networks:arXiv:1909.03496[R].Ithaca,NY,US:Cornell University, 2019: 1909.03496.

浏览量

下载量

CNKI被引量

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于Transformer-LSTM混合神经网络的迫弹外弹道及落点预测方法

基于多尺度双重注意力网络的雷达信号调制识别方法

暗环境下红外目标检测跟踪方法研究

复杂场景伪装小目标机载偏振遥感检测方法

基于深度学习的联合等式状态约束辨识与递推滤波