|
|
基于多头注意力机制与特征融合的航天软件静态警报自动确认方法研究
|
Abstract:
本课题针对航天软件静态测试中误报率高、人工审查工作量大的问题,提出了一种基于深度学习的静态警报自动确认方法。首先,利用预训练模型Codebert对代码进行向量化,解决了传统词嵌入方法无法准确处理代码结构和语义的问题。其次,设计了一种CNN-BiGRU模型,结合卷积神经网络(CNN)的局部特征提取能力和双向门控循环单元(BiGRU)的全局序列特征提取能力,提升了模型的特征提取效果。进一步,为应对长代码中token距离较远、重要信息难以识别的问题,在CNN-BiGRU模型基础上引入多头注意力机制,构建了CNN-BiGRU-Multi-Head Attention模型,使模型能够识别并调整重要token的权重,忽略远距离token的干扰。实验结果表明,所提出的模型在静态警报自动确认任务中表现优异,有效降低了误报率并减少了人工审查的工作量,为软件质量保障提供了高效的技术支持。
This topic addresses the problems of high false alarm rate and heavy manual review workload in static testing of aerospace software, and proposes a deep-learning-based automatic confirmation method for static alerts. First, the pre-trained model Codebert is utilized to vectorize the code, which solves the problem that traditional word embedding methods cannot accurately deal with the structure and semantics of the code. Second, a CNN-BiGRU model is designed, which combines the local feature extraction capability of convolutional neural network (CNN) and the global sequential feature extraction capability of bi-directional gated recurrent unit (BiGRU) to improve the feature extraction effect of the model. Further, in order to cope with the problem of long distance of tokens and difficulty in recognizing important information in long codes, the CNN-BiGRU-Multi-Head Attention model is constructed by introducing the Multi-Head Attention mechanism on the basis of the CNN-BiGRU model, so that the model can recognize and adjust the weight of the important tokens, and ignore the interference of the long-distance tokens. The experimental results show that the proposed model performs well in the static alert auto-confirmation task, effectively reduces the false alarm rate and reduces the workload of manual review, and provides efficient technical support for software quality assurance.
| [1] | Bessey, A., Block, K., Chelf, B., Chou, A., Fulton, B., Hallem, S., et al. (2010) A Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real World. Communications of the ACM, 53, 66-75. https://doi.org/10.1145/1646353.1646374 |
| [2] | Yang, Z.H., Gong, Y.Z., Xiao, Q. and Wang, Y.W. (2008) DTS—A Software Defects Testing System. 2008 Eighth IEEE International Working Conference on Source Code Analysis and Manipulation, Beijing, 28-29 September 2008, 269-270. https://doi.org/10.1109/scam.2008.12 |
| [3] | Kremenek, T. and Engler, D. (2003) Z-Ranking: Using Statistical Analysis to Counter the Impact of Static Analysis Approximations. In: Cousot, R., Ed., Static Analysis, Springer, 295-315. https://doi.org/10.1007/3-540-44898-5_16 |
| [4] | Johnson, B., Song, Y., Murphy-Hill, E. and Bowdidge, R. (2013) Why Don’t Software Developers Use Static Analysis Tools to Find Bugs? 2013 35th International Conference on Software Engineering (ICSE), San Francisco, 18-26 May 2013, 672-681. https://doi.org/10.1109/icse.2013.6606613 |
| [5] | Kang, H.J., Aw, K.L. and Lo, D. (2022) Detecting False Alarms from Automatic Static Analysis Tools: How Far Are We? Proceedings of the 44th International Conference on Software Engineering, Pittsburgh, 21-29 May 2022, 698-709. https://doi.org/10.1145/3510003.3510214 |
| [6] | Kim, S. and Ernst, M.D. (2007) Which Warnings Should I Fix First? Proceedings of the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, Dubrovnik, 3-7 September 2007, 45-54. https://doi.org/10.1145/1287624.1287633 |
| [7] | Xing, Y., Qian, X., Guan, Y., Yang, B. and Zhang, Y. (2022) Cross-Project Defect Prediction Based on G-LSTM Model. Pattern Recognition Letters, 160, 50-57. https://doi.org/10.1016/j.patrec.2022.04.039 |
| [8] | Pin, K., Ho Chang, J. and Nam, Y. (2022) Software Defect Prediction Harnessing on Multi 1-Dimensional Convolutional Neural Network Structure. Computers, Materials & Continua, 71, 1521-1546. https://doi.org/10.32604/cmc.2022.022085 |
| [9] | Kharkar, A., Moghaddam, R.Z., Jin, M., Liu, X., Shi, X., Clement, C., et al. (2022) Learning to Reduce False Positives in Analytic Bug Detectors. Proceedings of the 44th International Conference on Software Engineering, Pittsburgh, 21-29 May 2022, 1307-1316. https://doi.org/10.1145/3510003.3510153 |
| [10] | G, S.J. and Charles, J. (2024) Revolutionizing Software Project Development: A CNN-LSTM Hybrid Model for Effective Defect Prediction. International Journal of Advanced Computer Science and Applications, 15, 595-603. https://doi.org/10.14569/ijacsa.2024.0150158 |
| [11] | Sun, H. (2024) Network Intrusion Detection Using Transformer and BiGRU-DNN in Edge Computing. Journal of Information Processing Systems, 20, 458-476. |
| [12] | Ansari, N.U. and Richhariya, P. (2024) Deep Hybrid Intelligence: CNN-LSTM for Accurate Software Bug Prediction. International Journal of Innovations in Science Engineering and Management, 3, 26-33. https://doi.org/10.69968//ijisem.2024v3i426-33 |
