Yuan Jiang,Yujian Zhang,Xiaohong Su,Christoph Treude,Tiantian Wang

DOI: https://doi.org/10.1109/tse.2024.3493245

IF: 7.4

2024-12-14

IEEE Transactions on Software Engineering

Abstract:The emergence of pre-trained model-based vulnerability detection methods has significantly advanced the field of automated vulnerability detection. However, these methods still face several challenges, such as difficulty in learning effective feature representations of statements for fine-grained predictions and struggling to process overly long code sequences. To address these issues, this study introduces StagedVulBERT, a novel vulnerability detection framework that leverages a pre-trained code language model and employs a coarse-to-fine strategy. The key innovation and contribution of our research lies in the development of the CodeBERT-HLS component within our framework, specialized in hierarchical, layered, and semantic encoding. This component is designed to capture semantics at both the token and statement levels simultaneously, which is crucial for achieving more accurate multi-granular vulnerability detection. Additionally, CodeBERT-HLS efficiently processes longer code token sequences, making it more suited to real-world vulnerability detection. Comprehensive experiments demonstrate that our method enhances the performance of vulnerability detection at both coarse- and fine-grained levels. Specifically, in coarse-grained vulnerability detection, StagedVulBERT achieves an F1 score of 92.26%, marking a 6.58% improvement over the best-performing methods. At the fine-grained level, our method achieves a Top-5% accuracy of 65.69%, which outperforms the state-of-the-art methods by up to 75.17%.

engineering, electrical & electronic,computer science, software engineering

Chao Ni,Xinrong Guo,Yan Zhu,Xiaodan Xu,Xiaohu Yang

DOI: https://doi.org/10.1109/ase56229.2023.00084

2024-01-01

Abstract:Software vulnerabilities damage the functionality of software systems. Recently, many deep learning-based approaches have been proposed to detect vulnerabilities at the function level by using one or a few different modalities (e.g., text representation, graph-based representation) of the function and have achieved promising performance. However, some of these existing studies have not completely leveraged these diverse modalities, particularly the underutilized image modality, and the others using images to represent functions for vulnerability detection have not made adequate use of the significant graph structure underlying the images. In this paper, we propose MVulD, a multi-modal-based function-level vulnerability detection approach, which utilizes multi-modal features of the function (i.e., text representation, graph representation, and image representation) to detect vulnerabilities. Specifically, MVulD utilizes a pre-trained model (i.e., UniXcoder) to learn the semantic information of the textual source code, employs the graph neural network to distill graph-based representation, and makes use of computer vision techniques to obtain the image representation while retaining the graph structure of the function. We conducted a large-scale experiment on 25,816 functions. The experimental results show that MVulD improves four state-of-the-art baselines by 30.8%-81.3%, 12.8%-27.4%, 48.8%-115%, and 22.9%-141% in terms of F1-score, Accuracy, Precision, and PR-AUC respectively.

Xuejun Zhang,Bo Zhou,Zhuo Chen,Meifeng Guo,Xiaogang Du,Xiaohong Jia,Wanrong Bai

DOI: https://doi.org/10.21203/rs.3.rs-4893837/v1

2024-01-01

Abstract:Thriving and widespread use of the open-source software community makes software vulnerabilities spread a lot, which brings serious challenges to the system security. Recently, a number of vulnerability detection methods based on deep learning have been proposed to help engineers analyze and patch vulnerabilities efficiently. However, these existing approaches still suffer from limitations in extracting rich features from vulnerability code. Aiming at the above problems, we propose VulD-SG, a dual-channel software code vulnerability detection method based on deep sequence and graph model. VulD-SG enhances the semantic, syntactic and structural features extraction ability of the source code by introducing the deep sequence-based and graph-based vulnerability feature extraction module. To address the problem of the coarse detection granularity in the traditional methods, VulD-SG slices code statements into subtokens with a new decomposition algorithm to capture the detailed vulnerability information. Meanwhile, Transformer-style encoder is utilized in graph-based vulnerability feature extraction module to aggregate program dependency graph (PDG) nodes to learn the long-range dependence of cross-function code effectively. Finally, we build a fusion model to merge the training parameters and achieve fine-grained prediction results. The experiments result show that Acc, F1, and Recall metrics were improved by 2.6\%~27\%, 2\%~29.2\%, and 1\%~30.25\% respectively on five different vulnerability datasets compared with seven vulnerability detection models based on deep learning.

Ruitong Liu,Yanbin Wang,Haitao Xu,Jianguo Sun,Fan Zhang,Peiyue Li,Zhenhao Guo

DOI: https://doi.org/10.1016/j.inffus.2024.102748

IF: 18.6

2025-01-01

Information Fusion

Abstract:Code Language Models (codeLMs) and Graph Neural Networks (GNNs) are widely used in code vulnerability detection. However, a critical yet often overlooked issue is that GNNs primarily rely on aggregating information from adjacent nodes, limiting structural information transfer to single-layer updates. In code graphs, nodes and relationships typically require cross-layer information propagation to fully capture complex program logic and potential vulnerability patterns. Furthermore, while some studies utilize codeLMs to supplement GNNs with code semantic information, existing integration methods have not fully explored the potential of their collaborative effects. To address these challenges, we introduce Vul-LMGNNs that integrates pre-trained CodeLMs with GNNs, leveraging knowledge distillation to facilitate cross-layer propagation of both code semantic knowledge and structural information. Specifically, Vul-LMGNNs utilizes Code Property Graphs (CPGs) to incorporate code syntax, control flow, and data dependencies, while employing gated GNNs to extract structural information in the CPG. To achieve cross-layer information transmission, we implement an online knowledge distillation (KD) program that enables a single student GNN to acquire structural information extracted from a simultaneously trained counterpart through an alternating training procedure. Additionally, we leverage pre-trained CodeLMs to extract semantic features from code sequences. Finally, we propose an "implicit-explicit" joint training framework to better leverage the strengths of both CodeLMs and GNNs. In the implicit phase, we utilize CodeLMs to initialize the node embeddings of each student GNN. Through online knowledge distillation, we facilitate the propagation of both code semantics and structural information across layers. In the explicit phase, we perform linear interpolation between the CodeLM and the distilled GNN to learn a late fusion model. The proposed method, evaluated across four real-world vulnerability datasets, demonstrated superior performance compared to 17 state-of-the-art approaches. Our source code can be accessed via GitHub: https: //github.com/Vul-LMGNN/vul-LMGGNN.

Xiaohu Du,Ming Wen,Jiahao Zhu,Zifan Xie,Bin Ji,Huijun Liu,Xuanhua Shi,Hai Jin

2024-06-06

Abstract:Code Pre-trained Models (CodePTMs) based vulnerability detection have achieved promising results over recent years. However, these models struggle to generalize as they typically learn superficial mapping from source code to labels instead of understanding the root causes of code vulnerabilities, resulting in poor performance in real-world scenarios beyond the training instances. To tackle this challenge, we introduce VulLLM, a novel framework that integrates multi-task learning with Large Language Models (LLMs) to effectively mine deep-seated vulnerability features. Specifically, we construct two auxiliary tasks beyond the vulnerability detection task. First, we utilize the vulnerability patches to construct a vulnerability localization task. Second, based on the vulnerability features extracted from patches, we leverage GPT-4 to construct a vulnerability interpretation task. VulLLM innovatively augments vulnerability classification by leveraging generative LLMs to understand complex vulnerability patterns, thus compelling the model to capture the root causes of vulnerabilities rather than overfitting to spurious features of a single task. The experiments conducted on six large datasets demonstrate that VulLLM surpasses seven state-of-the-art models in terms of effectiveness, generalization, and robustness.

Cryptography and Security,Artificial Intelligence,Computation and Language

Deqing Zou,Yutao Hu,Wenke Li,Yueming Wu,Haojun Zhao,Hai Jin

DOI: https://doi.org/10.1109/tdsc.2022.3199769

2022-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Due to the powerful automatic feature extraction, deep learning-based vulnerability detection methods have evolved significantly in recent years. However, almost all current work focuses on detecting vulnerabilities at a single granularity (i.e., slice-level or function-level). In practice, slice-level vulnerability detection is fine-grained but may contain incomplete vulnerability details. Function-level vulnerability detection includes full vulnerability semantics but may contain vulnerability-unrelated statements. Meanwhile, they pay more attention to predicting whether the source code is vulnerable and cannot pinpoint which statements are more likely to be vulnerable. In this paper, we design mVulPreter, a multi-granularity vulnerability detector that can provide interpretations of detection results. Specifically, we propose a novel technique to effectively blend the advantages of function-level and slice-level vulnerability detection models and output the detection results' interpretation only by the model itself. We evaluate mVulPreter on a dataset containing 5,310 vulnerable functions and 7,601 non-vulnerable functions. The experimental results indicate that mVulPreter outperforms existing state-of-the-art vulnerability detection approaches (i.e., Checkmarx, FlawFinder, RATS, TokenCNN, StatementLSTM, SySeVR, and Devign).

computer science, information systems, software engineering, hardware & architecture

Xuxiang Jiang,Yinhao Xiao,Jun Wang,Wei Zhang

DOI: https://doi.org/10.1007/978-3-031-19211-1_11

2022-01-01

Abstract:Vulnerability identification is crucial for cyber security in the software-related industry. Early identification methods require significant manual efforts in crafting features or annotating vulnerable code. Although the recent pre-trained models alleviate this issue, they overlook the multiple rich structural information contained in the code itself. In this paper, we propose a novel Multi-View Pre-Trained Model (MV-PTM) that encodes both sequential and multi-type structural information of the source code and uses contrastive learning to enhance code representations. The experiments conducted on two public datasets demonstrate the superiority of MV-PTM. In particular, MV-PTM improves GraphCodeBERT by 3.36% on average in terms of F1 score.

Weiliang Qi,Jiahao Cao,Darsh Poddar,Sophia Li,Xinda Wang

2024-10-03

Abstract:With the rapid development and widespread use of advanced network systems, software vulnerabilities pose a significant threat to secure communications and networking. Learning-based vulnerability detection systems, particularly those leveraging pre-trained language models, have demonstrated significant potential in promptly identifying vulnerabilities in communication networks and reducing the risk of exploitation. However, the shortage of accurately labeled vulnerability datasets hinders further progress in this field. Failing to represent real-world vulnerability data variety and preserve vulnerability semantics, existing augmentation approaches provide limited or even counterproductive contributions to model training. In this paper, we propose a data augmentation technique aimed at enhancing the performance of pre-trained language models for vulnerability detection. Given the vulnerability dataset, our method performs natural semantic-preserving program transformation to generate a large volume of new samples with enriched data diversity and variety. By incorporating our augmented dataset in fine-tuning a series of representative code pre-trained models (i.e., CodeBERT, GraphCodeBERT, UnixCoder, and PDBERT), up to 10.1% increase in accuracy and 23.6% increase in F1 can be achieved in the vulnerability detection task. Comparison results also show that our proposed method can substantially outperform other prominent vulnerability augmentation approaches.

Cryptography and Security,Software Engineering

Marwan Omar

DOI: https://doi.org/10.48550/arXiv.2302.11773

2023-02-23

Cryptography and Security

Abstract:Recently, deep learning techniques have garnered substantial attention for their ability to identify vulnerable code patterns accurately. However, current state-of-the-art deep learning models, such as Convolutional Neural Networks (CNN), and Long Short-Term Memories (LSTMs) require substantial computational resources. This results in a level of overhead that makes their implementation unfeasible for deployment in realtime settings. This study presents a novel transformer-based vulnerability detection framework, referred to as VulDetect, which is achieved through the fine-tuning of a pre-trained large language model, (GPT) on various benchmark datasets of vulnerable code. Our empirical findings indicate that our framework is capable of identifying vulnerable software code with an accuracy of up to 92.65%. Our proposed technique outperforms SyseVR and VulDeBERT, two state-of-the-art vulnerability detection techniques

Vu Le Anh Quan,Chau Thuan Phat,Kiet Van Nguyen,Phan The Duy,Van-Hau Pham

DOI: https://doi.org/10.48550/arXiv.2309.14677

2023-09-26

Abstract:With the advancement of deep learning (DL) in various fields, there are many attempts to reveal software vulnerabilities by data-driven approach. Nonetheless, such existing works lack the effective representation that can retain the non-sequential semantic characteristics and contextual relationship of source code attributes. Hence, in this work, we propose XGV-BERT, a framework that combines the pre-trained CodeBERT model and Graph Neural Network (GCN) to detect software vulnerabilities. By jointly training the CodeBERT and GCN modules within XGV-BERT, the proposed model leverages the advantages of large-scale pre-training, harnessing vast raw data, and transfer learning by learning representations for training data through graph convolution. The research results demonstrate that the XGV-BERT method significantly improves vulnerability detection accuracy compared to two existing methods such as VulDeePecker and SySeVR. For the VulDeePecker dataset, XGV-BERT achieves an impressive F1-score of 97.5%, significantly outperforming VulDeePecker, which achieved an F1-score of 78.3%. Again, with the SySeVR dataset, XGV-BERT achieves an F1-score of 95.5%, surpassing the results of SySeVR with an F1-score of 83.5%.

Cryptography and Security,Artificial Intelligence

Chongyang Liu,Xiang Chen,Xiangwei Li,Yinxing Xue

DOI: https://doi.org/10.1016/j.infsof.2024.107458

IF: 3.9

2024-07-01

Information and Software Technology

Abstract:Context: Due to the prevalence of software vulnerabilities, vulnerability detection becomes a fundamental problem in system security. Objective: To solve this problem, academics and industries have made great efforts to propose deep-learning-based (DL-based) approaches but these attempts have three main limitations: (1) perform poorly on real-world projects (e.g., Accuracy below 74.33% and F1 below 73.55%); (2) perform poorly in catching vulnerable patterns due to incomplete code representations; (3) mostly perform coarse-grained function-level prediction and lack interpretability analysis. Methods: In this paper, we propose VulPCL, a BLSTM and CodeBERT based approach, which makes the first attempt to perform vulnerability prediction, categorization, and localization automatically within a framework. To alleviate the above-mentioned limitations, our VulPCL considers multi-dimension (i.e., text-based, sequence-based, and graph-based) representations to catch latent vulnerable patterns and multi-model training to learn high-level semantics. Results: Through experiments on four real-world datasets containing 114+ CWE (Common Weakness Enumeration) types spanning from 2005 to 2022, we find that our VulPCL outperforms the baselines by (1) 13.51% ∼ 60.64% and 14.34% ∼ 180.23% on Accuracy, and F1 respectively on vulnerability prediction; (2) 10.32% ∼ 46.79%, and 10.71% ∼ 127.80% on Accuracy, and macro-F1 respectively on vulnerability categorization; (3) 9.23% ∼ 36.54% on Top-10 Accuracy on vulnerability localization. Conclusion: These results indicate that our VulPCL is considerably more accurate, effective, fine-grained, and practical than previous studies. Besides, our further analyses show that VulPCL is indeed capable of capturing all vulnerability lines, and the result of line-level vulnerability localization is consistent with the function-level vulnerability prediction as the increase of predicted lines. Thus making VulPCL more interpretable than previous studies. Our additional investigation also shows that VulPCL effectively detects the Most Dangerous 25 CWEs in 2022, which is instructive for security researchers.

computer science, information systems, software engineering

Litao Li,Steven H. H. Ding,Yuan Tian,Benjamin C. M. Fung,Philippe Charland,Weihan Ou,Leo Song,Congwei Chen

DOI: https://doi.org/10.1145/3585386

IF: 2.717

2023-04-14

ACM Transactions on Privacy and Security

Abstract:Software vulnerabilities have been posing tremendous reliability threats to the general public as well as critical infrastructures, and there have been many studies aiming to detect and mitigate software defects at the binary level. Most of the standard practices leverage both static and dynamic analysis, which have several drawbacks like heavy manual workload and high complexity. Existing deep learning-based solutions not only suffer to capture the complex relationships among different variables from raw binary code but also lack the explainability required for humans to verify, evaluate, and patch the detected bugs. We propose VulANalyzeR, a deep learning-based model, for automated binary vulnerability detection, Common Weakness Enumeration-type classification, and root cause analysis to enhance safety and security. VulANalyzeR features sequential and topological learning through recurrent units and graph convolution to simulate how a program is executed. The attention mechanism is integrated throughout the model, which shows how different instructions and the corresponding states contribute to the final classification. It also classifies the specific vulnerability type through multi-task learning as this not only provides further explanation but also allows faster patching for zero-day vulnerabilities. We show that VulANalyzeR achieves better performance for vulnerability detection over the state-of-the-art baselines. Additionally, a Common Vulnerability Exposure dataset is used to evaluate real complex vulnerabilities. We conduct case studies to show that VulANalyzeR is able to accurately identify the instructions and basic blocks that cause the vulnerability even without given any prior knowledge related to the locations during the training phase.

computer science, information systems

Guan-Yan Yang,Yi-Heng Ko,Farn Wang,Kuo-Hui Yeh,Haw-Shiang Chang,Hsueh-Yi Chen

2024-10-29

Abstract:Our work explores the utilization of deep learning, specifically leveraging the CodeBERT model, to enhance code security testing for Python applications by detecting SQL injection vulnerabilities. Unlike traditional security testing methods that may be slow and error-prone, our approach transforms source code into vector representations and trains a Long Short-Term Memory (LSTM) model to identify vulnerable patterns. When compared with existing static application security testing (SAST) tools, our model displays superior performance, achieving higher precision, recall, and F1-score. The study demonstrates that deep learning techniques, particularly with CodeBERT's advanced contextual understanding, can significantly improve vulnerability detection, presenting a scalable methodology applicable to various programming languages and vulnerability types.

Cryptography and Security,Artificial Intelligence,Software Engineering

Weiye Yu,Guang Kou,Qihe Liu,Haoyu Zhang,Qiang Wang

DOI: https://doi.org/10.1109/smartworld-uic-atc-scalcom-digitaltwin-pricomp-metaverse56740.2022.00253

2022-01-01

Abstract:Software vulnerability detection has attracted more and more attention. Traditional vulnerability detection methods require a lot of expertise to define the vulnerability features, whereas the deep learning based methods can perform the feature extraction automatically. These deep learning based techniques handle the problem directly by regarding the code fragments as a series of tokens or a single graph structure, which makes them perform well on synthetic or semi-synthetic datasets. However, for real-world scenarios, the existing deep learning based techniques still suffer from some limitations. In this work, we propose PATVD, a vulnerability detection method combining pre-training techniques and adversarial training. We first use the pre-training model to combine the source code fragments and the corresponding data flow graph, such that both the characteristics of code structures and the token sequence can be integrated to learn the more complex vulnerability information contained in the real-world datasets. Then, to address the imbalance in the distribution of real-world datasets, we incorporate adversarial training on the code embedding space as a way of regularization to improve model generalization. Finally, the code representation added to the adversarial training is given to the classification model. To verify the validity of our method, we perform a set of comparative experimental evaluations on both artificially synthesized datasets and the latest published real-world datasets. The experimental results show that PATVD has achieved better results than the state-of-the-art methods in both synthetic datasets and real-world datasets. The adversarial training module can also make the model attain additional gains on real-world datasets.

Sixuan Wang,Chen Huang,Dongjin Yu,Xin Chen

DOI: https://doi.org/10.1002/spe.3205

2023-04-12

Software - Practice and Experience

Abstract:Code vulnerabilities can have serious consequences such as system attacks and data leakage, making it crucial to perform code vulnerability detection during the software development phase. Deep learning is an emerging approach for vulnerability detection tasks. Existing deep learning‐based code vulnerability detection methods are usually based on word2vec embedding of linear sequences of source code, followed by code vulnerability detection through RNNs network. However, such methods can only capture the superficial structural or syntactic information of the source code text, which is not suitable for modeling the complex control flow and data flow and miss edge information in the graph structure constructed by the source code, with limited effect of neural network model. To solve the above problems, this article proposes a code vulnerability detection method, named VulGraB, which is based on graph embedding and bidirectional gated graph neural networks. VulGraB uses node2vec to convert the program‐dependent graphs into graph embeddings of the code, which contain rich structure information of the source code, improving the ability of features to express nonlinear information to a certain extent. Then the BiGGNN is used for training, and finally the accuracy of the detection results is evaluated using target program. The bi‐directional gated neural network utilizes a bi‐directional recurrent structure, which is beneficial to global information aggregation. The experimental results show that the accuracy of VulGraB is significantly improved over the baseline models on two datasets, with F1 scores of 85.89% and 97.24% being the highest, demonstrating that VulGraB consistently outperforms other effective vulnerability detection models.

computer science, software engineering

Aidan Z.H. Yang,Haoye Tian,He Ye,Ruben Martins,Claire Le Goues

2024-06-10

Abstract:Software security vulnerabilities allow attackers to perform malicious activities to disrupt software operations. Recent Transformer-based language models have significantly advanced vulnerability detection, surpassing the capabilities of static analysis based deep learning models. However, language models trained solely on code tokens do not capture either the explanation of vulnerability type or the data flow structure information of code, both of which are crucial for vulnerability detection. We propose a novel technique that integrates a multitask sequence-to-sequence LLM with pro-gram control flow graphs encoded as a graph neural network to achieve sequence-to-classification vulnerability detection. We introduce MSIVD, multitask self-instructed fine-tuning for vulnerability detection, inspired by chain-of-thought prompting and LLM self-instruction. Our experiments demonstrate that MSIVD achieves superior performance, outperforming the highest LLM-based vulnerability detector baseline (LineVul), with a F1 score of 0.92 on the BigVul dataset, and 0.48 on the PreciseBugs dataset. By training LLMs and GNNs simultaneously using a combination of code and explanatory metrics of a vulnerable program, MSIVD represents a promising direction for advancing LLM-based vulnerability detection that generalizes to unseen data. Based on our findings, we further discuss the necessity for new labelled security vulnerability datasets, as recent LLMs have seen or memorized prior datasets' held-out evaluation data.

Cryptography and Security,Machine Learning,Software Engineering

Bin Yuan,Yifan Lu,Yilin Fang,Yueming Wu,Deqing Zou,Zhen Li,Zhi Li,Hai Jin

DOI: https://doi.org/10.1109/icse48619.2023.00190

2023-01-01

Abstract:Software vulnerabilities have posed huge threats to the cyberspace security, and there is an increasing demand for automated vulnerability detection (VD). In recent years, deep learning-based (DL-based) vulnerability detection systems have been proposed for the purpose of automatic feature extraction from source code. Although these methods can achieve ideal performance on synthetic datasets, the accuracy drops a lot when detecting real-world vulnerability datasets. Moreover, these approaches limit their scopes within a single function, being not able to leverage the information between functions. In this paper, we attempt to extract the function's abstract behaviors, figure out the relationships between functions, and use this global information to assist DL-based VD to achieve higher performance. To this end, we build a Behavior Graph Model and use it to design a novel framework, namely VulBG. To examine the ability of our constructed Behavior Graph Model, we choose several existing DL-based VD models (e.g., TextCNN, ASTGRU, CodeBERT, Devign, and VulCNN) as our baseline models and conduct evaluations on two real-world datasets: the balanced FFMpeg+Qemu dataset and the unbalanced Chrome+Debian dataset. Experimental results indicate that VulBG enables all baseline models to detect more real vulnerabilities, thus improving the overall detection performance.

Yu Liu,Lang Gao,Mingxin Yang,Yu Xie,Ping Chen,Xiaojin Zhang,Wei Chen

2024-08-21

Abstract:Large Language Models (LLMs) have training corpora containing large amounts of program code, greatly improving the model's code comprehension and generation capabilities. However, sound comprehensive research on detecting program vulnerabilities, a more specific task related to code, and evaluating the performance of LLMs in this more specialized scenario is still lacking. To address common challenges in vulnerability analysis, our study introduces a new benchmark, VulDetectBench, specifically designed to assess the vulnerability detection capabilities of LLMs. The benchmark comprehensively evaluates LLM's ability to identify, classify, and locate vulnerabilities through five tasks of increasing difficulty. We evaluate the performance of 17 models (both open- and closed-source) and find that while existing models can achieve over 80% accuracy on tasks related to vulnerability identification and classification, they still fall short on specific, more detailed vulnerability analysis tasks, with less than 30% accuracy, making it difficult to provide valuable auxiliary information for professional vulnerability mining. Our benchmark effectively evaluates the capabilities of various LLMs at different levels in the specific task of vulnerability detection, providing a foundation for future research and improvements in this critical area of code security. VulDetectBench is publicly available at <a class="link-external link-https" href="https://github.com/Sweetaroo/VulDetectBench" rel="external noopener nofollow">this https URL</a>.

Cryptography and Security,Artificial Intelligence,Software Engineering

Wenlin Xu,Tong Li,Jinsong Wang,Haibo Duan,Yahui Tang

DOI: https://doi.org/10.1109/trustcom60117.2023.00129

2024-01-01

Abstract:Software vulnerabilities detection is crucial in cyber security which protects the software systems from malicious attacks. The majority of earlier techniques relied on security professionals to provide software features before training a classification or regression model on the features to find vulnerabilities. However, defining software features and collecting high-quality labeled vulnerabilities for training are both time consuming. To handle these issues, in this paper, we propose an unsupervised and effective method for extracting software features and detecting software vulnerabilities automatically. Firstly, we obtain software features and build a new pre-trained BERT model through constructing C/C++ vocabulary and pre-training on software source code. We then fine-tune the pre-trained BERT model with a deep autoencoder and create low-dimensional embedding from the software features. We finally apply a clustering-based outlier detection method on the embedding to detect vulnerabilities. We evaluate our method on five datasets with programs written in C/C++, experimental results show that our method outperforms state-of-the-art software vulnerability detection methods.

Jin Wang,Hui Xiao,Shuwen Zhong,Yinhao Xiao

DOI: https://doi.org/10.1016/j.future.2023.05.016

IF: 7.307

2023-05-28

Future Generation Computer Systems

Abstract:Software vulnerabilities can pose severe harms to a computing system. They can lead to system crash, privacy leakage, or even physical damage. Correctly identifying vulnerabilities among enormous software codes in a timely manner is so far the essential prerequisite to patch them. Unfortantely, the current vulnerability identification methods, either the classic ones or the deep-learning-based ones, have several critical drawbacks, making them unable to meet the present-day demands put forward by the software industry. To overcome the drawbacks, in this paper, we propose DeepVulSeeker, a novel fully automated vulnerability identification framework, which leverages both code graph structures and the semantic features with the help of the recently advanced Graph Representation Self-Attention and pre-training mechanisms. Our experiments show that DeepVulSeeker not only reaches an accuracy as high as 0.99 on traditional CWE datasets, but also outperforms all other exisiting methods on two highly-complicated datasets. We also testified DeepVulSeeker based on three case studies, and found that DeepVulSeeker is able to understand the implications of the vulnerbilities. We have fully implemented DeepVulSeeker and open-sourced it for future follow-up research.

computer science, theory & methods