US 12,423,442 B2
Explainable vulnerability detection method and system based on dual-view causal reasoning
Sicong Cao, Jiangsu (CN); Xiaobing Sun, Jiangsu (CN); Wei Liu, Jiangsu (CN); Xiaoxue Wu, Jiangsu (CN); Lili Bo, Jiangsu (CN); and Bin Li, Jiangsu (CN)
Assigned to YANGZHOU UNIVERSITY, Jiangsu (CN)
Filed by YANGZHOU UNIVERSITY, Jiangsu (CN)
Filed on Feb. 15, 2024, as Appl. No. 18/443,170.
Claims priority of application No. 202311689060.4 (CN), filed on Dec. 8, 2023.
Prior Publication US 2025/0190574 A1, Jun. 12, 2025
Int. Cl. G06F 21/57 (2013.01)
CPC G06F 21/577 (2013.01) [G06F 2221/033 (2013.01)]
20 Claims
 
1. An explainable vulnerability detection method based on dual-view causal reasoning, comprising:
S1, obtaining code samples, wherein the code samples comprise a training sample and a sample to be detected, sequentially performing data augmentation, static analysis, code property graph construction and feature extraction on the training sample, and obtaining a training data set; and sequentially performing static analysis, code property graph construction and feature extraction on the sample to be detected, and obtaining a data set to be detected;
S2, processing the training data set through a hybrid contrastive learning method, and establishing a vulnerability detection model; and inputting the data set to be detected into the vulnerability detection model, and outputting a vulnerability code; and
S3, performing causal reasoning on the vulnerability code, and outputting a vulnerability detection explanation.