sesa 20(23): e4

Research Article

Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone

Download660 downloads
  • @ARTICLE{10.4108/eai.13-7-2018.165275,
        author={Yuan He and Wenjie Wang and Hongyu Sun and Yuqing Zhang},
        title={Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone},
        journal={EAI Endorsed Transactions on Security and Safety},
        keywords={Vulnerability, few-shot learning, code clone, distance-metric},
  • Yuan He
    Wenjie Wang
    Hongyu Sun
    Yuqing Zhang
    Year: 2020
    Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
    DOI: 10.4108/eai.13-7-2018.165275
Yuan He1,2, Wenjie Wang1, Hongyu Sun3, Yuqing Zhang1,*
  • 1: National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing, China
  • 2: School of mathematics and computer science, Dali University, Dali, China
  • 3: School of Cyber Engineering, Xidian University, Xi’an, China
*Contact email:


It is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, so automatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions either cannot automatically extract the characteristics of the vulnerable codes or cannot select different algorithms according to different codes, which results in low detection accuracy. In this paper, we consider the identification of vulnerable code clone as a code recognition task and propose a method named Vul-Mirror based on a few-shot learning model for discovering clone vulnerable codes. It can not only automatically extract features of vulnerabilities, but also use the network to measure similarity. The results of experiments on open-source projects of five operating systems show that the accuracy of Vul-Mirror is 95.7%, and its performance is better than the state-of-the-art methods.