A Security-Sensitive Function Mining Framework for Source Code

Download PDF
Open Webpage

Lin Chen, Chunfang Yang, Fenlin Liu, Daofu Gong, Shichang Ding

Published: 01 Jan 2019, Last Modified: 12 Apr 2025ICAIS (4) 2019EveryoneRevisionsBibTeXCC BY-SA 4.0
Abstract: The security-sensitive functions can be effectively used to improve the efficiency of vulnerability mining techniques, but mining security-sensitive functions of the large-scale code base is difficult. An automatic mining framework for security-sensitive functions is proposed. Firstly, a class of high-resolution code features is used to extract suspected security-sensitive function sets, and then a class of code features is applied to measure the sensitivity of each suspected security-sensitive function. Ultimately, the final security-sensitive function set is ensured based on the measurement result. Established along the framework, a mining algorithm for a type security-sensitive function is proposed. Through the mining experiments on three well-known open source codes, the performance of this algorithm is better than the existing methods.

OpenReview is a long-term project to advance science through improved peer review with legal nonprofit status. We gratefully acknowledge the support of the OpenReview Sponsors. © 2025 OpenReview