A new semantic annotation approach for software vulnerability source code Online publication date: Wed, 17-Feb-2021
by Chi Zhang; Jinfu Chen; Lei Zhang; Shujie Chen; Zufa Zhang
International Journal of Simulation and Process Modelling (IJSPM), Vol. 16, No. 1, 2021
Abstract: An efficient semantic annotation approach is proposed to annotate software vulnerability source code based on the vulnerability code semantic description language (VCSDL) in this paper. A set of general annotation frameworks is proposed for two basic components: basic description information of vulnerability and vulnerability source code description information in the language. Specific annotation methods are studied for these two components, according to the annotation method of the basic description information of vulnerability. Also, the corresponding attribute in the VCSDL document structure is extracted to determine the labelling of the basic information of the vulnerability. While, according to the vulnerability source code information, the semantic annotation of the source code information of the vulnerability is implemented. The experimental results show that the proposed semantic annotation approach has a better effectiveness on the annotation of datasets with a simple code structure and a smaller scale. The success rate and accuracy of the proposed annotation are higher and the false positive rate and false negative rate are lower.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Simulation and Process Modelling (IJSPM):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com