[go: up one dir, main page]

CN119004486B - Intelligent screening method for software information of motor vehicle inspection and testing equipment - Google Patents

Intelligent screening method for software information of motor vehicle inspection and testing equipment Download PDF

Info

Publication number
CN119004486B
CN119004486B CN202411456346.2A CN202411456346A CN119004486B CN 119004486 B CN119004486 B CN 119004486B CN 202411456346 A CN202411456346 A CN 202411456346A CN 119004486 B CN119004486 B CN 119004486B
Authority
CN
China
Prior art keywords
source code
control software
machine control
station machine
sequence
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202411456346.2A
Other languages
Chinese (zh)
Other versions
CN119004486A (en
Inventor
张世通
董鹏举
陈梦晖
张西岭
闫卫杰
郭鑫
李晰昀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Keyware Co ltd
Original Assignee
Beijing Keyware Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Keyware Co ltd filed Critical Beijing Keyware Co ltd
Priority to CN202411456346.2A priority Critical patent/CN119004486B/en
Publication of CN119004486A publication Critical patent/CN119004486A/en
Application granted granted Critical
Publication of CN119004486B publication Critical patent/CN119004486B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Stored Programmes (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The application relates to the field of intelligent data analysis, and provides an intelligent screening method for software information of motor vehicle inspection and detection equipment, which is characterized in that source codes in a control exe software package of a station machine are extracted to obtain source codes of the control software of the station machine, and sentence processing, semantic coding and optimization of the source codes of the control software of the station machine are carried out by adopting a source code processing and analysis technology based on deep learning, so that a security leak detection result is automatically obtained according to the global associated information of semantic features of each optimized source code. In this way, potential vulnerabilities in the source code, including those that would only manifest under certain runtime conditions, can be more accurately identified. Meanwhile, complex business logic can be understood and analyzed, so that logic errors hidden in deep conditional sentences and program flows can be found, and the intelligent degree of software vulnerability detection is improved.

Description

Intelligent screening method for software information of motor vehicle inspection and detection equipment
Technical Field
The application relates to the field of intelligent data analysis, in particular to an intelligent screening method for software information of motor vehicle inspection and detection equipment.
Background
The motor vehicle inspection and detection device is a professional device for performing various safety and performance checks on the motor vehicle. These devices typically include a hardware portion and a software portion, where the software portion is responsible for controlling the hardware's tasks of operation, data acquisition, processing, and report generation.
Station machine control software is one of the core components of such equipment, and is directly related to the accuracy, reliability and safety of detection. The control software of the station machine is responsible for coordinating the detection flow, managing the detection data and ensuring the accuracy and reliability of the detection result. Therefore, the safety and stability of the software are critical, and any software bug may cause an error in detection result, thereby affecting the safety assessment of the motor vehicle and even causing legal disputes.
However, conventional static code analysis tools focus mainly on the syntax and structure of code in the machine control software security assessment, rather than the actual execution path of the code. This means that static analysis may not provide adequate insight for vulnerabilities that only manifest under certain runtime conditions, such as time-dependent race conditions, memory leaks, or complex input processing logic. Furthermore, static analysis tools are often difficult to understand and evaluate complex business logic, which can cause them to miss logic errors that are hidden in deep conditional statements and program streams. For example, a complex conditional branch may lead to unauthorized access or data leakage under certain conditions, but these conditions may not be fully explored in static analysis.
Therefore, an optimized method for screening software information of a motor vehicle inspection and detection device is desired.
Disclosure of Invention
Aiming at the defects in the prior art, the application provides an intelligent screening method for software information of motor vehicle inspection and detection equipment.
According to one aspect of the present application, there is provided a method for intelligently screening software information of a motor vehicle inspection and detection device, comprising:
Determining the directory location and the file location of the motor vehicle inspection and detection equipment software;
Extracting a workstation machine control exe software package based on the directory position and the file position;
Extracting key information from the workstation machine control exe software package, wherein the key information comprises a version number, a compiling date, a digital signature and a configuration file;
performing vulnerability detection on the station machine control exe software package to obtain a security vulnerability detection result;
performing vulnerability detection on the workstation machine control exe software package to obtain a security vulnerability detection result, wherein the vulnerability detection comprises the following steps:
extracting a source code in the station machine control exe software package to obtain a station machine control software source code;
Performing clause processing on the source code of the station machine control software to obtain a sequence of description sentences of the source code of the station machine control software;
Performing semantic coding on each station machine control software source code description sentence in the sequence of the station machine control software source code description sentences to obtain a sequence of the station machine control software source code sentence granularity semantic coding feature vectors;
Performing feature association optimization processing based on sequence endophytic correlation quantization on the sequence of the source code sentence granularity semantic coding feature vector of the control software of the station machine to obtain the sequence of the source code sentence granularity semantic optimization coding feature vector of the control software of the station machine;
inputting the sequence of the source code sentence granularity semantic optimization coding feature vector of the station machine control software into a code sentence granularity global semantic association coder to obtain the source code global semantic coding feature vector of the station machine control software;
And obtaining the security hole detection result based on the station machine control software source code global semantic coding feature vector.
The application has the remarkable technical effects due to the adoption of the technical scheme:
The intelligent screening method for the software information of the motor vehicle inspection and detection equipment provided by the application is characterized in that the source codes in the station machine control exe software package are extracted to obtain station machine control software source codes, and the sentence processing, semantic coding and optimization of the station machine control software source codes are performed by adopting a deep learning-based source code processing and analyzing technology, so that a security leak detection result is automatically obtained according to the global associated information of semantic features of each optimized source code. In this way, potential vulnerabilities in the source code, including those that would only manifest under certain runtime conditions, can be more accurately identified. Meanwhile, complex business logic can be understood and analyzed, so that logic errors hidden in deep conditional sentences and program flows can be found, and the intelligent degree of software vulnerability detection is improved.
Drawings
The above and other objects, features and advantages of the present application will become more apparent by describing embodiments of the present application in more detail with reference to the attached drawings. The accompanying drawings are included to provide a further understanding of embodiments of the application and are incorporated in and constitute a part of this specification, illustrate the application and together with the embodiments of the application, and not constitute a limitation to the application. In the drawings, like reference numerals generally refer to like parts or steps.
Fig. 1 is a flowchart of a method for intelligently screening software information of a motor vehicle inspection and detection device according to an embodiment of the present application.
Fig. 2 is a flowchart of performing vulnerability detection on the station machine control exe software package to obtain a security vulnerability detection result in the intelligent screening method for the software information of the motor vehicle inspection and detection equipment according to the embodiment of the application.
Fig. 3 is a schematic data flow diagram of performing vulnerability detection on the station machine control exe software package to obtain a security vulnerability detection result in the intelligent screening method for the software information of the motor vehicle inspection and detection device according to the embodiment of the application.
Fig. 4 is a flowchart of inputting a sequence of source code sentence granularity semantic coding feature vectors of the control software of the workstation machine into a feature up-down Wen Yuyi association optimization module based on sequence endophytic relevance quantization to obtain a sequence of source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation machine in the intelligent screening method for software information of the motor vehicle inspection and detection equipment according to an embodiment of the application.
Detailed Description
Hereinafter, exemplary embodiments according to the present application will be described in detail with reference to the accompanying drawings. It should be apparent that the described embodiments are only some embodiments of the present application and not all embodiments of the present application, and it should be understood that the present application is not limited by the example embodiments described herein.
It should be understood that the various steps recited in the method embodiments of the present application may be performed in a different order and/or performed in parallel. Furthermore, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the application is not limited in this respect.
In describing embodiments of the present application, the term "comprising" and its like should be taken to be open-ended, i.e., including, but not limited to. The term "based on" should be understood as "based at least in part on". The term "one embodiment" or "the embodiment" should be understood as "at least one embodiment". The terms "first," "second," and the like, may refer to different or the same object. Other explicit and implicit definitions are also possible below.
It should be noted that references to "one", "a plurality" and "a plurality" in this disclosure are intended to be illustrative rather than limiting, and those of ordinary skill in the art will appreciate that "one or more" is intended to be construed unless the context clearly indicates otherwise.
Automotive inspection and detection equipment is a precision tool specifically designed for safety and performance detection of vehicles. These devices consist of two major parts, hardware and software, where the software part plays a vital role, which not only controls the operation of the hardware, but also is responsible for the collection, processing and report generation of data.
In such devices, the machine control software is the core component, which directly determines the accuracy and reliability of the detection. The main tasks of the software are to manage the whole detection flow, maintain the detection data and ensure the accuracy of the detection result. The safety and stability of the software are critical to the detection results, and any potential software defect may lead to false detection results, which not only affect the safety assessment of the motor vehicle, but may also cause legal problems.
While conventional static code analysis tools play a role in assessing the security of the machine control software, they focus primarily on the syntactic and structural analysis of the code, rather than the actual execution path of the code. This means that static analysis may not provide adequate insight for those problems that may only manifest themselves under certain operating conditions, such as time-dependent race conditions, memory leaks, or complex input processing logic. Furthermore, static analysis tools have limitations in understanding and evaluating complex business logic, which can cause them to ignore those logic flaws that are hidden in deep condition judgment and program flow. For example, a complex conditional branch may lead to unauthorized access or data leakage under certain conditions, but these conditions may not be fully considered during static analysis.
Based on the method, the application provides an intelligent screening method for the software information of the motor vehicle inspection and detection equipment. Fig. 1 is a flowchart of a method for intelligently screening software information of a motor vehicle inspection and detection device according to an embodiment of the present application. As shown in FIG. 1, the intelligent screening method for the motor vehicle inspection and detection equipment software information comprises the steps of S110 determining the directory position and the file position of motor vehicle inspection and detection equipment software, S120 extracting a station machine control exe software package based on the directory position and the file position, S130 extracting key information from the station machine control exe software package, wherein the key information comprises a version number, a compiling date, a digital signature and a configuration file, and S140 carrying out vulnerability detection on the station machine control exe software package to obtain a security vulnerability detection result.
It should be appreciated that in order to define the specific target scope for analysis and processing, it is first necessary to determine the directory location and file location of the motor vehicle inspection test equipment software, which may typically be performed by scanning a specified installation path through the API of the operating system. Then, considering that the software part of the motor vehicle inspection and detection device is complex, the device comprises a plurality of modules and files with different functions. The station machine control exe software package is a core component part in the motor vehicle inspection and detection equipment software, and comprises key components and codes required by software operation, and in order to ensure that no key information is missed in the analysis process, the station machine control exe software package needs to be extracted based on the directory position and the file position. Then, in order to comprehensively evaluate the safety of the software, key information such as version numbers, compiling dates, digital signatures, configuration files and the like need to be extracted from the station machine control exe software package, the information provides a basis for vulnerability management and fault detection, and the overall reliability and safety of the motor vehicle inspection and detection equipment software can be effectively improved through systematically extracting and analyzing the information. Finally, vulnerability detection is required to be carried out on the station machine control exe software package to obtain a security vulnerability detection result.
Correspondingly, in the process of performing vulnerability detection on the station machine control exe software package to obtain a security vulnerability detection result, extracting source codes in the station machine control exe software package to obtain station machine control software source codes, and performing clause processing, semantic coding and optimization of the station machine control software source codes by adopting a source code processing and analysis technology based on deep learning, so that the security vulnerability detection result is automatically obtained according to the global association information of semantic features of each optimized source code. In this way, potential vulnerabilities in the source code, including those that would only manifest under certain runtime conditions, can be more accurately identified. Meanwhile, complex business logic can be understood and analyzed, so that logic errors hidden in deep conditional sentences and program flows can be found, and the intelligent degree of software vulnerability detection is improved.
Fig. 2 is a flowchart of performing vulnerability detection on the station machine control exe software package to obtain a security vulnerability detection result in the intelligent screening method for the software information of the motor vehicle inspection and detection equipment according to the embodiment of the application. Fig. 3 is a schematic data flow diagram of performing vulnerability detection on the station machine control exe software package to obtain a security vulnerability detection result in the intelligent screening method for the software information of the motor vehicle inspection and detection device according to the embodiment of the application. As shown in fig. 2 and 3, performing vulnerability detection on the workstation machine control exe software package to obtain a security vulnerability detection result, wherein the vulnerability detection method comprises the steps of S141, extracting source codes in the workstation machine control exe software package to obtain a workstation machine control software source code, S142, performing clause processing on the workstation machine control software source code to obtain a sequence of workstation machine control software source code description sentences, S143, performing semantic coding on each workstation machine control software source code description sentence in the sequence of workstation machine control software source code description sentences to obtain a sequence of workstation machine control software source code granularity semantic coding feature vectors, S144, performing feature correlation optimization processing on the sequence of workstation machine control software source code granularity semantic coding feature vectors based on sequence endogenous correlation quantization to obtain a sequence of workstation machine control software source code granularity semantic optimization coding feature vectors, S145, inputting the sequence of the workstation machine control software source code granularity semantic optimization coding feature vectors into a code granularity global semantic correlation encoder to obtain a workstation machine control software source code global semantic coding feature vector, and S146, and obtaining the security vulnerability detection result based on the workstation machine control software source code.
In step S141, source codes in the workstation machine control exe software package are extracted to obtain a workstation machine control software source code. It should be understood that the source code is the keystone of the software, which contains all the logic and instructions of the software. By extracting the source code, the running mechanism and business flow of the software can be deeply understood, which is the premise of security hole detection. And starting directly from the source code, potential vulnerabilities that are difficult to detect by conventional means after compilation can be captured, which may be hidden in complex conditional statements, loop structures, or specific function calls, which may pose a threat to the security of the software. In general, the extracted source code of the station machine control software is direct data of security hole detection, and the security holes can be effectively identified through analysis of the source code, so that technical maintenance personnel can find and solve security problems in time, and the security and reliability of the software are improved.
In step S142, the source code of the machine control software is processed in clauses to obtain a sequence of source code descriptions of the machine control software. Accordingly, given that the source code of the control software of the workstation machine contains specific mode, structure or function call information in different codes, the specific mode, structure or function call information can be a mark of security holes. Based on the above, in order to understand and analyze the logic structure of each source code description sentence more carefully, in the technical scheme of the application, the source code of the station machine control software is processed in clauses to obtain the sequence of the source code description sentence of the station machine control software. That is, the clause processing breaks the source code of the machine control software into smaller, manageable units (clauses), which helps to more accurately analyze the structure and logic of the code.
In step S143, semantic coding is performed on each source code description sentence of the source code of the control software of the workstation machine in the sequence of source code descriptions of the control software of the workstation machine to obtain a sequence of source code sentences of the control software of the workstation machine with granularity and semantic coding feature vectors. Accordingly, considering that each of the source code descriptions of the machine control software contains patterns and structures related to specific codes, the method is very important for discovering potential security holes and code quality problems. Based on the above, in the technical scheme of the application, semantic coding is carried out on each station machine control software source code description sentence in the sequence of the station machine control software source code description sentences so as to convert the code description sentences into information capable of representing the semantics of the code description sentences, and the sequence of the granularity semantic coding feature vectors of the station machine control software source code sentences is obtained.
In step S144, the sequence of the source code sentence granularity semantic optimization coding feature vector of the control software of the workstation machine is subjected to feature association optimization processing based on sequence endophytic correlation quantization to obtain the sequence of the source code sentence granularity semantic optimization coding feature vector of the control software of the workstation machine. Specifically, in the embodiment of the application, the feature association optimization processing based on sequence endophytic correlation quantization is carried out on the sequence of the source code sentence granularity semantic coding feature vectors of the control software of the workstation machine to obtain the sequence of the source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation machine, and the feature association optimization module is used for inputting the sequence of the source code sentence granularity semantic coding feature vectors of the control software of the workstation machine into the feature upper and lower Wen Yuyi association optimization module based on sequence endophytic correlation quantization to obtain the sequence of the source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation machine.
It should be appreciated that the workstation machine control software has interrelationships and contextual semantic information between sequences of source code sentence granularity semantic coding feature vectors, and that each feature has a different degree of contribution and importance throughout the code semantic range. In order to enhance the expression capability of each feature vector and enable each feature to more effectively convey semantic information of the feature, in the technical scheme of the application, the sequence of the source code sentence granularity semantic coding feature vector of the control software of the station machine is input into a feature up-down Wen Yuyi association optimization module based on sequence endophytic relevance quantization so as to obtain the sequence of the source code sentence granularity semantic optimization coding feature vector of the control software of the station machine. In particular, the feature up-down Wen Yuyi association optimization module based on the sequence endophytic correlation quantization improves the accuracy and the effectiveness of feature expression by quantizing and enhancing the semantic relation between feature vectors. Specifically, firstly, a semantic association relation between any two feature vectors in a sequence of the source code sentence granularity semantic coding feature vectors of the control software of the workstation machine is calculated to obtain a set of source code sentence granularity semantic association score vectors of the control software of the workstation machine. It should be appreciated that the score vector helps identify what interactions between portions of code are important, thereby quantifying semantic links between different code features, providing a basis for subsequent sequence semantic aggregation. And then, carrying out mean calculation on the obtained set of score vectors to capture the average semantic relevance of the whole code sequence so as to determine the global representation vector of the endophytic relevance of the source code sentence granularity sequence of the control software of the workstation. And then, calculating the associated optimization factor of each station machine control software source code sentence granularity semantic coding feature vector based on the station machine control software source code sentence granularity sequence endophytic correlation global expression vector to enhance the distinction degree between different feature vectors, so that each feature vector can more accurately represent the unique semantic information of the feature vector, and the sequence of the station machine control software source code sentence granularity semantic association optimization factor is obtained. Furthermore, in order to enhance the degree of distinction between different optimization factors, especially when some factors are more important than others, the sequence of the associated optimization factors is input into a Softmax activation function to be converted into weight factors to realize normalization processing, so that the sequence of the source code sentence granularity semantic association optimization weight factors of the control software of the workstation machine is obtained. And finally, carrying out weighting treatment on the sequence of the source code sentence granularity semantic coding feature vectors of the control software of the workstation machine based on each associated optimization weight factor to enhance the features which are more important to analysis targets (such as vulnerability detection and code quality evaluation), and ensuring that the model focuses on the key information more so as to generate the sequence of the source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation machine.
Specifically, fig. 4 is a flowchart of inputting a sequence of source code sentence granularity semantic coding feature vectors of the control software of the workstation machine into a feature up-down Wen Yuyi association optimization module based on sequence endophytic relevance quantization to obtain a sequence of source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation machine in the intelligent screening method for software information of the motor vehicle inspection and detection equipment according to an embodiment of the present application. As shown in figure 4, inputting the sequence of the source code sentence granularity semantic coding feature vectors of the workstation machine control software into a feature up-down Wen Yuyi association optimization module based on sequence endogenous correlation quantization to obtain the sequence of the source code sentence granularity semantic optimization coding feature vectors of the workstation machine control software, wherein the feature up-down Wen Yuyi association optimization module comprises S1441, calculating semantic association score vectors between any two arbitrary two source code sentence granularity semantic coding feature vectors in the sequence of the source code sentence granularity semantic coding feature vectors of the workstation machine control software to obtain a set of source code sentence granularity semantic association score vectors of the workstation machine control software, S1442, determining a global representation vector of the endogenous correlation in the sequence of the source code sentence granularity of the workstation machine control software based on the set of source code sentence granularity semantic association score vectors of the workstation machine control software, S1443, calculating association optimization factors of the source code granularity semantic coding feature vectors of the workstation machine control software in the sequence of the source code granularity semantic coding feature vectors of the workstation machine control software to obtain a set of the source code granularity semantic association score vectors of the workstation machine control software, S1444, and S1445, wherein the station machine control software source code granularity optimization feature vectors of the workstation machine control software are used as the workstation machine control software association factor optimization factor, and weighting each station machine control software source code sentence granularity semantic coding feature vector in the sequence of the station machine control software source code sentence granularity semantic coding feature vectors respectively to obtain the sequence of the station machine control software source code sentence granularity semantic optimization coding feature vectors.
More specifically, in the embodiment of the application, a semantic association score vector between any two station machine control software source code sentence granularity semantic encoding feature vectors in a sequence of the station machine control software source code sentence granularity semantic encoding feature vectors is calculated to obtain a set of station machine control software source code sentence granularity semantic association score vectors, and the method comprises the steps of carrying out cascading processing on any two station machine control software source code sentence granularity semantic encoding feature vectors in the sequence of the station machine control software source code sentence granularity semantic encoding feature vectors to obtain a set of station machine control software source code sentence granularity semantic cascading feature vectors, multiplying each station machine control software source code sentence granularity semantic cascading feature vector in the set of station machine control software source code sentence granularity semantic cascading feature vectors with a station machine control software source code sentence granularity semantic weight matrix, and then carrying out position-based addition on the station machine control software source code sentence granularity semantic offset vectors to obtain the set of station machine control software source code granularity semantic association score vectors.
More specifically, in the embodiment of the application, the method for determining the endogeneous relevance global expression vector of the source code sentence granularity sequence of the control software of the workstation machine based on the set of the source code sentence granularity semantic relevance score vectors of the control software of the workstation machine comprises the steps of calculating the mean vector of the set of the source code sentence granularity semantic relevance score vectors of the control software of the workstation machine as the endogeneous relevance global expression vector of the source code sentence granularity sequence of the control software of the workstation machine.
More specifically, in the embodiment of the application, based on the intra-generation correlation global expression vector in the sequence of the source code sentence granularity of the station machine control software, the correlation optimization factors of the source code sentence granularity semantic coding feature vectors of the station machine control software in the sequence of the source code sentence granularity semantic coding feature vectors of the station machine control software are calculated to obtain the sequence of the source code sentence granularity semantic correlation optimization factors of the station machine control software, the method comprises the steps of multiplying the intra-generation correlation global expression vector in the sequence of the source code sentence granularity of the station machine control software with the global weight matrix of the station machine control software to obtain the global expression weight vector of the station machine control software source code, multiplying each source code sentence granularity semantic coding feature vector in the sequence of the source code sentence granularity semantic coding feature vectors of the station machine control software with the local weight matrix of the station machine control software source code to obtain the set of the source code semantic weight vector of the station machine control software, and multiplying each source code sentence granularity semantic coding feature vector of the station machine control software in the sequence of the station machine control software source code granularity semantic coding feature vectors of the station machine control software with the global expression weight vector of the station machine control software source code semantic feature vectors of the station machine control software, and the station machine control software source code semantic vector of the station machine control software source code semantic coding feature vectors of the station machine control software.
More specifically, in the embodiment of the application, the activation processing is performed on the sequence of the source code sentence granularity semantic association optimization factors of the control software of the workstation machine to obtain the sequence of the source code sentence granularity semantic association optimization weight factors of the control software of the workstation machine, and the activation processing comprises the steps of inputting the sequence of the source code sentence granularity semantic association optimization factors of the control software of the workstation machine into a Softmax activation function to obtain the sequence of the source code sentence granularity semantic association optimization weight factors of the control software of the workstation machine.
In the embodiment of the application, specifically, the sequence of the source code sentence granularity semantic coding feature vector of the control software of the workstation machine is subjected to feature association optimization processing based on sequence endogenesis relativity quantization to obtain the sequence of the source code sentence granularity semantic optimization coding feature vector of the control software of the workstation machine, the method comprises the steps of inputting the sequence of the source code sentence granularity semantic coding feature vector of the control software of the workstation machine into a feature upper and lower Wen Yuyi association optimization module based on sequence endogenesis relativity quantization, and processing the sequence of the source code sentence granularity semantic optimization coding feature vector of the control software of the workstation machine according to the following semantic association optimization formula, wherein the semantic association optimization formula is as follows:
Wherein, A sequence of semantically encoded feature vectors for the source code sentence granularity of the workstation machine control software,The number of the feature vectors in the sequence of the semantic coding feature vectors representing the granularity of the source code sentence of the control software of the workstation machine,AndRespectively, the first part in the sequence of the source code sentence granularity semantic coding feature vector of the control software of the working position machineAnd (d)The control software of the workstation machine performs granularity semantic coding on feature vectors,In order to perform the cascade of processing operations,Controlling a source code sentence granularity semantic weight matrix for the workstation machine,Is the semantic offset vector of the granularity of the source code sentence of the control software of the workstation,The control software of the workstation machine is the first in a set of source code sentence granularity semantic association scoring vectorsThe individual workstation machine controls the source code sentence granularity semantic association score vector,Controlling the number of vectors in a set of source code sentence granularity semantic association scoring vectors for the workstation machine,Generating a correlation global expression vector for the source code sentence granularity sequence of the control software of the workstation,AndThe global weight matrix of the source code of the control software of the working position machine and the local weight matrix of the source code of the control software of the working position machine are respectively provided,A software source code bias vector is controlled for the workstation machine,Is thatThe function of the function is that,Is thatFunction ofOptimizing the weight factor of the sequence of the source code sentence granularity semantic association of the station machine control softwareThe individual workstation machine controls the source code sentence granularity semantic association optimization weight factors,Optimizing the sequence of coding feature vectors for the granularity semantics of source code sentences of the control software of the working machineThe individual workstation machine controls the source code sentence granularity semantic optimization coding feature vector.
In step S145, the sequence of the source code sentence granularity semantic optimization coding feature vector of the handler control software is input into a code sentence granularity global semantic association encoder to obtain the source code global semantic coding feature vector of the handler control software. Specifically, in the embodiment of the application, the sequence of the source code sentence granularity semantic optimization coding feature vector of the station machine control software is input into a code sentence granularity global semantic association coder to obtain the source code global semantic optimization coding feature vector of the station machine control software, and the method comprises the step of inputting the sequence of the source code sentence granularity semantic optimization coding feature vector of the station machine control software into the code sentence granularity global semantic association coder based on a converter structure to obtain the source code global semantic association feature vector of the station machine control software. It should be understood that each vector in the sequence of source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation machine represents the structure and grammar information of one code sentence, and in order to effectively capture the global dependency relationship between different parts in the source code to understand the overall logic and structure of the code, in the technical scheme of the application, the sequence of source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation machine is input into a code sentence granularity global semantic association encoder based on a converter structure to obtain the global semantic coding feature vectors of the source code of the control software of the workstation machine. That is, through the converter structure, the model is able to handle and integrate long-range dependencies and context information in code, thereby enhancing the overall semantic understanding of code semantics.
In step S146, the sequence of the source code sentence granularity semantic optimization coding feature vector of the workstation machine control software is input into a code sentence granularity global semantic association encoder to obtain the source code global semantic coding feature vector of the workstation machine control software. Specifically, in the embodiment of the application, the security vulnerability detection result is obtained based on the global semantic coding feature vector of the source code of the control software of the workstation machine, which comprises the steps of inputting the global semantic coding feature vector of the source code of the control software of the workstation machine into a vulnerability detection module based on a classifier to obtain the security vulnerability detection result. Namely, the sequence of the source code sentence granularity semantic optimization coding feature vector of the station machine control software is utilized to carry out semantic association on the global so as to obtain the global semantic coding feature vector of the source code of the station machine control software, and classification processing is carried out, so that a security leak detection result is automatically obtained. In particular, the security breach detection result here is whether a known security breach exists. In this way, potential vulnerabilities in the source code, including those that would only manifest under certain runtime conditions, can be more accurately identified. Meanwhile, complex business logic can be understood and analyzed, so that logic errors hidden in deep conditional sentences and program flows can be found, and the intelligent degree of software vulnerability detection is improved.
In particular, considering that the sequence of the granularity semantic coding feature vectors of the source code sentences of the control software of the workstation machine represents the semantic embedded coding feature of each source code description sentence of the control software source code of the workstation machine, which is determined by sentence processing. When the sequence of the source code sentence granularity semantic coding feature vectors of the workstation machine control software is input into the feature up-down Wen Yuyi association optimization module based on sequence endophytic correlation quantization, the feature up-down Wen Yuyi association optimization module based on sequence endophytic correlation quantization optimizes the context semantic information expression richness of the source code sentence granularity semantic coding feature vectors of the workstation machine control software by calculating the semantic association degree between the source code sentence granularity semantic coding feature vectors of each workstation machine in the sequence of the source code sentence granularity semantic coding feature vectors of the workstation machine control software, but the context semantic information expression richness of the source code sentence granularity semantic coding feature vectors of each workstation machine in the sequence of the source code sentence granularity semantic optimization coding feature vectors of the workstation machine control software can also enable the source code sentence granularity semantic optimization coding feature vectors of each workstation machine in the sequence of the source code sentence granularity semantic optimization coding feature vectors of the workstation machine to have certain information expression overflow. Therefore, when the sequence of the source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation is input into the global semantic association encoder based on the code sentence granularity of the converter structure, the global semantic association encoder based on the code sentence granularity of the converter structure captures context semantic association information of the sequence of the source code sentence granularity semantic optimization coding feature vectors of the control software of the workstation in the global scope through a multi-head attention mechanism, but superposition of the dual attention mechanism can enable the global semantic coding feature vectors of the source code of the control software of the workstation to have diversified aggregate expression distribution of text semantic context aggregation features, so that balance between regression mapping accuracy and integrity when the global semantic coding feature vectors of the source code of the control software of the workstation are subjected to class regression through the vulnerability detection module based on the classifier is expected to be improved, and accuracy of an obtained security vulnerability detection result is improved.
In a preferred example, the method for obtaining a security vulnerability detection result by passing the station machine control software source code global semantic coding feature vector through the vulnerability detection module based on the classifier comprises the steps of determining a station machine control software source code global semantic coding maximum feature value and a station machine control software source code global semantic coding minimum feature value of the station machine control software source code global semantic coding feature vector, and calculating a station machine control software source code global semantic coding mean value and a station machine control software source code global semantic coding standard deviation of a feature set of the station machine control software source code global semantic coding feature vector; calculating the quotient of the global semantic coding mean value of the source code of the station machine control software and the global semantic coding standard deviation of the source code of the station machine control software to obtain a global semantic coding statistical standardization value of the source code of the station machine control software, calculating the reciprocal of each eigenvalue of the global semantic coding eigenvector of the source code of the station machine control software, multiplying the reciprocal of each eigenvalue of the global semantic coding eigenvector of the source code of the station machine control software by the difference point between the maximum eigenvalue of the global semantic coding of the source code of the station machine control software and the minimum eigenvalue of the global semantic coding of the source code of the station machine control software, performing point subtraction with the global semantic coding statistical standardization value of the source code of the station machine control software to obtain a global semantic coding distribution approximation vector of the source code of the station machine control software, calculating an exponential function taking each eigenvalue of the global semantic coding distribution approximation vector of the station machine control software as an exponential, the station machine control software source code global semantic coding statistical normalization value is used for carrying out point counting with the station machine control software source code global semantic coding statistical normalization value to obtain a station machine control software source code global semantic coding probability approximation vector, a base-two logarithmic value of the absolute value of each characteristic value of the station machine control software source code global semantic coding probability approximation vector is calculated to obtain an optimized station machine control software source code global semantic coding characteristic vector, and the optimized station machine control software source code global semantic coding characteristic vector is passed through a vulnerability detection module based on a classifier to obtain a security vulnerability detection result.
The optimization expression of the global semantic coding feature vector of the source code of the control software of the workstation machine is as follows:
Wherein, Feature vectors are globally semantically encoded for the workstation machine control software source code,AndFeature sets of global semantic coding feature vectors of source codes of the control software of the workstation machineThe mean, standard deviation, minimum and maximum of (c),Indicating that the addition is performed by the position point,Representing a natural exponential function of the sign,Representing the multiplication by the position point,The logarithm of the base of 2,To calculate the reciprocal of each feature value of the global semantically encoded feature vector of the machine control software source code,Indicating that the subtraction is performed by the position point,And (3) globally semantically encoding feature vectors for the optimized station machine control software source codes.
Therefore, the diversified feature sets of the global semantic coding feature vectors of the control software source codes of the working positions are subjected to random statistical standardization, a confidence space constructed based on the overall feature values of the global semantic coding feature vectors of the control software source codes of the working positions is approximated to standardized continuous probability density distribution relative to response hypothesis test of each feature value of the global semantic coding feature vectors of the control software source codes of the working positions, and accordingly target accessibility of the discretized feature distribution of the global semantic coding feature vectors of the control software source codes of the working positions to unified regression targets is established, and therefore balanced executable between mapping accuracy and mapping integrity in a class regression process based on the discretized feature distribution of the global semantic coding feature vectors of the control software source codes of the working positions is achieved, and accuracy of security detection results obtained by the global semantic coding feature vectors of the control software source codes of the working positions through the vulnerability detection module based on the classifier is improved. In this way, potential vulnerabilities in the source code, including those that would only manifest under certain runtime conditions, can be more accurately identified. Meanwhile, complex business logic can be understood and analyzed, so that logic errors hidden in deep conditional sentences and program flows can be found, and the intelligent degree of software vulnerability detection is improved.
In summary, the intelligent screening method for the software information of the motor vehicle inspection and detection device according to the embodiment of the application is explained, the source code in the station machine control exe software package is extracted to obtain the station machine control software source code, and the phrase processing, semantic coding and optimization of the station machine control software source code are performed by adopting the source code processing and analysis technology based on deep learning, so that the security leak detection result is automatically obtained according to the global association information of the semantic features of each optimized source code. In this way, potential vulnerabilities in the source code, including those that would only manifest under certain runtime conditions, can be more accurately identified. Meanwhile, complex business logic can be understood and analyzed, so that logic errors hidden in deep conditional sentences and program flows can be found, and the intelligent degree of software vulnerability detection is improved.
The present application is not limited to the preferred embodiments, and the present application is described above in any way, but is not limited to the preferred embodiments, and any person skilled in the art will appreciate that the present application is not limited to the embodiments described above, while the above disclosure is directed to various equivalent embodiments, which are capable of being modified or varied in several ways, it is apparent to those skilled in the art that many modifications, variations and adaptations of the embodiments described above are possible in light of the above teachings.

Claims (7)

1. An intelligent screening method for software information of motor vehicle inspection and detection equipment is characterized by comprising the following steps:
Determining the directory location and the file location of the motor vehicle inspection and detection equipment software;
Extracting a workstation machine control exe software package based on the directory position and the file position;
Extracting key information from the workstation machine control exe software package, wherein the key information comprises a version number, a compiling date, a digital signature and a configuration file;
performing vulnerability detection on the station machine control exe software package to obtain a security vulnerability detection result;
performing vulnerability detection on the workstation machine control exe software package to obtain a security vulnerability detection result, wherein the vulnerability detection comprises the following steps:
extracting a source code in the station machine control exe software package to obtain a station machine control software source code;
Performing clause processing on the source code of the station machine control software to obtain a sequence of description sentences of the source code of the station machine control software;
Performing semantic coding on each station machine control software source code description sentence in the sequence of the station machine control software source code description sentences to obtain a sequence of the station machine control software source code sentence granularity semantic coding feature vectors;
Performing feature association optimization processing based on sequence endophytic correlation quantization on the sequence of the source code sentence granularity semantic coding feature vector of the control software of the station machine to obtain the sequence of the source code sentence granularity semantic optimization coding feature vector of the control software of the station machine;
inputting the sequence of the source code sentence granularity semantic optimization coding feature vector of the station machine control software into a code sentence granularity global semantic association coder to obtain the source code global semantic coding feature vector of the station machine control software;
Based on the station machine control software source code global semantic coding feature vector, obtaining the security vulnerability detection result;
The method comprises the steps of inputting the sequence of the source code sentence granularity semantic coding feature vector of the control software of the workstation machine into a feature up-down Wen Yuyi association optimization module based on the sequence endophytic relevance quantization to obtain the sequence of the source code sentence granularity semantic optimization coding feature vector of the control software of the workstation machine;
Inputting the sequence of the source code sentence granularity semantic coding feature vectors of the station machine control software into a feature up-down Wen Yuyi association optimization module based on sequence endogenetic correlation quantization to obtain the sequence of the source code sentence granularity semantic optimization coding feature vectors of the station machine control software, wherein the method comprises the following steps:
Calculating semantic association score vectors between any two source code sentence granularity semantic coding feature vectors of the control software of the workstation machine in the sequence of source code sentence granularity semantic coding feature vectors of the control software of the workstation machine to obtain a set of source code sentence granularity semantic association score vectors of the control software of the workstation machine;
Determining a global representation vector of endophytic relevance of a source code sentence granularity sequence of the control software of the workstation machine based on the collection of source code sentence granularity semantic association scoring vectors of the control software of the workstation machine;
Calculating the correlation optimization factors of all the source code sentence granularity semantic coding feature vectors of the station machine control software in the sequence of the source code sentence granularity semantic coding feature vectors of the station machine control software based on the global expression vector of the endophytic correlation of the source code sentence granularity sequence of the station machine control software to obtain the sequence of the source code sentence granularity semantic correlation optimization factors of the station machine control software;
Activating the sequence of the source code sentence granularity semantic association optimization factors of the station machine control software to obtain a sequence of the source code sentence granularity semantic association optimization weight factors of the station machine control software;
And taking each station machine control software source code sentence granularity semantic association optimization weight factor in the sequence of the station machine control software source code sentence granularity semantic association optimization weight factors as a weight, and respectively weighting each station machine control software source code sentence granularity semantic encoding feature vector in the sequence of the station machine control software source code sentence granularity semantic encoding feature vector to obtain the sequence of the station machine control software source code sentence granularity semantic optimization encoding feature vector.
2. The method for intelligently screening software information of a motor vehicle inspection and detection device according to claim 1, wherein calculating semantic association score vectors between any two of the sequence of source code sentence granularity semantic coding feature vectors of the station machine control software to obtain a set of source code sentence granularity semantic association score vectors of the station machine control software comprises:
Cascading any two station machine control software source code sentence granularity semantic coding feature vectors in the sequence of the station machine control software source code sentence granularity semantic coding feature vectors to obtain a set of station machine control software source code sentence granularity semantic cascading feature vectors;
multiplying each station machine control software source code sentence granularity semantic cascading feature vector in the station machine control software source code sentence granularity semantic cascading feature vector set by a station machine control software source code sentence granularity semantic weight matrix, and then adding the station machine control software source code sentence granularity semantic weight matrix with the station machine control software source code sentence granularity semantic bias vector according to positions to obtain the station machine control software source code sentence granularity semantic association score vector set.
3. The intelligent screening method for the software information of the motor vehicle inspection and detection equipment according to claim 2, wherein determining the global representation vector of the endophytic relevance of the source code sentence granularity sequence of the control software of the station machine based on the set of source code sentence granularity semantic association score vectors of the control software of the station machine comprises calculating a mean vector of the set of source code sentence granularity semantic association score vectors of the control software of the station machine as the global representation vector of the endophytic relevance of the source code sentence granularity sequence of the control software of the station machine.
4. The intelligent screening method for software information of a motor vehicle inspection and detection device according to claim 3, wherein calculating, based on the global representation vector of the endophytic relevance of the source code sentence granularity sequence of the control software of the workstation, the correlation optimization factor of the source code sentence granularity semantic coding feature vector of each workstation in the sequence of source code sentence granularity semantic coding feature vectors of the control software of the workstation to obtain the sequence of source code sentence granularity semantic correlation optimization factors of the control software of the workstation comprises:
Multiplying the source code sentence granularity sequence endogenous correlation global representation vector of the station machine control software with the source code global weight matrix of the station machine control software to obtain a source code global representation weight vector of the station machine control software;
Multiplying each station machine control software source code sentence granularity semantic coding feature vector in the sequence of the station machine control software source code sentence granularity semantic coding feature vectors with a station machine control software source code local weight matrix to obtain a set of station machine control software source code local representation weight vectors;
Adding each station machine control software source code local representation weight vector in the station machine control software source code local representation weight vector set, the station machine control software source code global representation weight vector and the station machine control software source code bias vector according to positions to obtain a station machine control software source code sentence granularity semantic association vector set;
inputting the collection of the source code sentence granularity semantic association vectors of the control software of the workstation machine into a Sigmoid function to obtain a sequence of the source code sentence granularity semantic association optimization factors of the control software of the workstation machine.
5. The intelligent screening method for the software information of the motor vehicle inspection and detection equipment according to claim 4, wherein the step of activating the sequence of the source code sentence granularity semantic association optimization factors of the control software of the workstation machine to obtain the sequence of the source code sentence granularity semantic association optimization weight factors of the control software of the workstation machine comprises the step of inputting the sequence of the source code sentence granularity semantic association optimization factors of the control software of the workstation machine into a Softmax activation function to obtain the sequence of the source code sentence granularity semantic association optimization weight factors of the control software of the workstation machine.
6. The intelligent screening method for software information of motor vehicle inspection and detection equipment according to claim 5, wherein inputting the sequence of the source code sentence granularity semantic optimization coding feature vectors of the station machine control software into a code sentence granularity global semantic association encoder to obtain the source code global semantic optimization coding feature vectors of the station machine control software comprises inputting the sequence of the source code sentence granularity semantic optimization coding feature vectors of the station machine control software into a code sentence granularity global semantic association encoder based on a converter structure to obtain the source code global semantic coding feature vectors of the station machine control software.
7. The intelligent screening method for the software information of the motor vehicle inspection and detection equipment according to claim 6, wherein the security hole detection result is obtained based on the station machine control software source code global semantic coding feature vector, and the method comprises the step of inputting the station machine control software source code global semantic coding feature vector into a hole detection module based on a classifier to obtain the security hole detection result.
CN202411456346.2A 2024-10-18 2024-10-18 Intelligent screening method for software information of motor vehicle inspection and testing equipment Active CN119004486B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411456346.2A CN119004486B (en) 2024-10-18 2024-10-18 Intelligent screening method for software information of motor vehicle inspection and testing equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411456346.2A CN119004486B (en) 2024-10-18 2024-10-18 Intelligent screening method for software information of motor vehicle inspection and testing equipment

Publications (2)

Publication Number Publication Date
CN119004486A CN119004486A (en) 2024-11-22
CN119004486B true CN119004486B (en) 2025-02-25

Family

ID=93481825

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411456346.2A Active CN119004486B (en) 2024-10-18 2024-10-18 Intelligent screening method for software information of motor vehicle inspection and testing equipment

Country Status (1)

Country Link
CN (1) CN119004486B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119180287B (en) * 2024-11-25 2025-02-25 北京关键科技股份有限公司 Intelligent review method for software configuration file data of motor vehicle inspection and testing equipment
CN119541750B (en) * 2025-01-23 2025-04-08 浙江飞图影像科技有限公司 Automatic generation method and system for inspection report

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117763558A (en) * 2023-11-30 2024-03-26 北京工业大学 Blockchain smart contract vulnerability feature extraction method and system based on deep learning
CN118154135A (en) * 2024-05-09 2024-06-07 杭州钉铛科技有限公司 A process configuration system and method for developing an operation and maintenance management platform

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA3225899A1 (en) * 2023-01-30 2025-04-09 Blackberry Limited Methods and systems for identifying binary code vulnerability
CN118394589A (en) * 2024-04-02 2024-07-26 河南畅想星空电子科技有限公司 Background data intelligent monitoring system and method based on data mining
CN118504580B (en) * 2024-05-31 2025-01-24 上海源庐加佳信息科技有限公司 Project auxiliary support system and method based on artificial intelligence
CN118626437B (en) * 2024-06-11 2024-12-13 广州恒铭数码科技有限公司 Artificial intelligence-based construction engineering archive management method and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117763558A (en) * 2023-11-30 2024-03-26 北京工业大学 Blockchain smart contract vulnerability feature extraction method and system based on deep learning
CN118154135A (en) * 2024-05-09 2024-06-07 杭州钉铛科技有限公司 A process configuration system and method for developing an operation and maintenance management platform

Also Published As

Publication number Publication date
CN119004486A (en) 2024-11-22

Similar Documents

Publication Publication Date Title
CN119004486B (en) Intelligent screening method for software information of motor vehicle inspection and testing equipment
Ding et al. Towards the use of the readily available tests from the release pipeline as performance tests: Are we there yet?
Chen et al. Coverage prediction for accelerating compiler testing
Haben et al. A replication study on the usability of code vocabulary in predicting flaky tests
US11307975B2 (en) Machine code analysis for identifying software defects
Hora et al. Domain specific warnings: Are they any better?
Yang et al. Vuldigger: A just-in-time and cost-aware tool for digging vulnerability-contributing changes
CN112560043A (en) Vulnerability similarity measurement method based on context semantics
CN113778852A (en) Code analysis method based on regular expression
CN119814368A (en) Network security vulnerability identification and repair methods, systems, media and program products
Jain et al. Contextual predictive mutation testing
CN118277258A (en) Code examination method, device, storage medium and computer equipment
Garg et al. Learning to predict vulnerabilities from vulnerability-fixes: A machine translation approach
Tang et al. Enhancing defect prediction with static defect analysis
CN120068093A (en) Automatic code bug mining and identifying method, system and equipment
Azad et al. Perfcurator: Curating a large-scale dataset of performance bug-related commits from public repositories
Fan et al. High-frequency keywords to predict defects for android applications
Costin et al. Evaluating zero-shot Chatgpt performance on predicting CVE data from vulnerability descriptions
Hora et al. Automatic detection of system-specific conventions unknown to developers
CN119918067B (en) A security diagnosis and evaluation method and system for open source software
CN118468296B (en) Clone vulnerability detection method, system and equipment
Iuliano et al. How Do Solidity Versions Affect Vulnerability Detection Tools? An Empirical Study
Aslan et al. Utilizing Large Programming Language Models on Software Vulnerability Detection
CN120066935B (en) Code analysis and detection method and system based on large language model
Ciancarini et al. Mining concurrency bugs

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
PP01 Preservation of patent right
PP01 Preservation of patent right

Effective date of registration: 20251009

Granted publication date: 20250225

PD01 Discharge of preservation of patent
PD01 Discharge of preservation of patent

Date of cancellation: 20251106

Granted publication date: 20250225