FIELD: computer technology.
SUBSTANCE: invention relates to the field of computer technology. The expected result is achieved by constructing a vulnerability attack vector; obtaining data containing the source code file and the type of vulnerability detected; converting the source code containing the vulnerability into an abstract syntax tree (AST), in which the internal vertices are mapped to programming language operators, and the leaves to the corresponding operands; searching for an element of the attack vector by coordinates and name among the vertices of the AST containing information about the type of vertex; forming a path in the AST between the found elements of the attack vector; forming an ordered sequence that represents the types of each element of the path; forming a vector representation of the formed sequence as the number of all possible types of AST nodes inside it; processing of the received data using a machine learning model (ML) trained on vector representations of vulnerability data, during which vulnerabilities are classified according to the degree of exploitation, and exploited vulnerabilities are identified in the program code based on the classification.
EFFECT: increase in the speed and accuracy of identifying exploited vulnerabilities in the program code.
3 cl, 14 dwg
| Title | Year | Author | Number |
|---|---|---|---|
| METHOD AND SYSTEM FOR ELIMINATING VULNERABILITIES IN PROGRAM CODE | 2023 |
|
RU2821220C1 |
| METHOD AND A SYSTEM FOR PREDICTION OF CYBER SECURITY RISKS DURING THE DEVELOPMENT OF SOFTWARE PRODUCTS | 2020 |
|
RU2745371C1 |
| METHOD AND SYSTEM FOR ASSESSING THE PROBABILITY OF CRITICAL CYBER SECURITY DEFECTS AT ACCEPTANCE TESTS OF PRODUCT RELEASES | 2020 |
|
RU2745369C1 |
| COMPUTER SYSTEMS, COMPUTING COMPONENTS AND COMPUTING OBJECTS, MADE WITH POSSIBILITY OF IMPLEMENTING REDUCTION OF DYNAMIC DEVIATION CAUSED BY OUTLIER VALUES IN MACHINE LEARNING MODELS | 2020 |
|
RU2813245C1 |
| SYSTEM AND METHOD FOR DETERMINING PROCESS ASSOCIATED WITH MALWARE ENCRYPTING COMPUTER SYSTEM FILES | 2020 |
|
RU2770570C2 |
| METHOD FOR EARLY DIAGNOSIS OF LUNG CANCER | 2018 |
|
RU2697971C1 |
| METHOD FOR SCREENING PROBABILITY OF KIDNEY CANCER | 2023 |
|
RU2816798C1 |
| METHOD OF CALCULATING CLIENT CREDIT RATING | 2019 |
|
RU2723448C1 |
| METHOD AND SYSTEM OF THE FINAL AUTOMATOR FOR RECOGNIZING THE OPERATING STATE OF THE SENSOR | 2018 |
|
RU2744908C1 |
| METHOD OF EARLY DIAGNOSTICS OF CHRONIC DISEASES OF A PATIENT BASED ON CLUSTER ANALYSIS OF BIG DATA | 2021 |
|
RU2800315C2 |
