Chao Ni,Xinrong Guo,Yan Zhu,Xiaodan Xu,Xiaohu Yang

DOI: https://doi.org/10.1109/ase56229.2023.00084

2024-01-01

Abstract:Software vulnerabilities damage the functionality of software systems. Recently, many deep learning-based approaches have been proposed to detect vulnerabilities at the function level by using one or a few different modalities (e.g., text representation, graph-based representation) of the function and have achieved promising performance. However, some of these existing studies have not completely leveraged these diverse modalities, particularly the underutilized image modality, and the others using images to represent functions for vulnerability detection have not made adequate use of the significant graph structure underlying the images. In this paper, we propose MVulD, a multi-modal-based function-level vulnerability detection approach, which utilizes multi-modal features of the function (i.e., text representation, graph representation, and image representation) to detect vulnerabilities. Specifically, MVulD utilizes a pre-trained model (i.e., UniXcoder) to learn the semantic information of the textual source code, employs the graph neural network to distill graph-based representation, and makes use of computer vision techniques to obtain the image representation while retaining the graph structure of the function. We conducted a large-scale experiment on 25,816 functions. The experimental results show that MVulD improves four state-of-the-art baselines by 30.8%-81.3%, 12.8%-27.4%, 48.8%-115%, and 22.9%-141% in terms of F1-score, Accuracy, Precision, and PR-AUC respectively.

Yan Wang,Peng Jia,Xi Peng,Cheng Huang,Jiayong Liu

DOI: https://doi.org/10.1016/j.cose.2022.103023

IF: 5.105

2022-01-01

Computers & Security

Abstract:Static detection of security vulnerabilities in binary programs is an important research field in software supply chain security. However, existing vulnerability detection methods based on code similarity can only detect known vulnerabilities. Vulnerability features generated by vulnerability pattern-based detection methods are low robust due to the influence of manually defined patterns, compiler diversity, and irrelevant function instructions. In this paper, we propose BinVulDet, which is a binary level vulnerability detection tool for accurate known and unknown vulnerability detection. BinVulDet uses decompilation techniques to obtain pseudo code containing high-level semantic information against the impact of compilation diversity. Then the program slicing technique is used to extract the statements with data dependencies and control dependencies related to the vulnerability. A BiLSTM-attention neural network is used to extract rich contextual semantic information from slice codes to generate more robust vulnerability patterns to detect vulnerabilities. The experimental results show that BinVulDet outperforms the state-of-the-art binary vulnerability detection methods. The FPR and FNR of BinVulDet are 1.04% and 0.89% on average, respectively, which are 3.93% and 22.86% lower than the baseline model on average. BinVulDet can effectively against the influence of compilation diversity and successfully be used for real-world vulnerability detection by being evaluated in three CVE vulnerability projects.

Shubin Yuan,Chenyu Liu,Jianheng Shi,Kai Zhang,Wei Pu,Xinyu Liu,Liqun Yang

DOI: https://doi.org/10.1109/eei63073.2024.10696068

2024-01-01

Abstract:Binary program vulnerabilities are particularly difficult to detect and understand using traditional methods due to their concealment and complexity. To address this challenge, we propose an innovative binary code vulnerability detection frame- work that combines program slicing techniques with a hybrid neural network model to achieve high-precision identification and classification of vulnerabilities in binary code. Specifically, we first generate semantically relevant binary slices using Program Dependence Graphs (PDG). These slices are then processed by a Bidirectional Long Short-Term Memory Network (BLSTM) and an attention mechanism to extract deep semantic features, while a Convolutional Neural Network (CNN) is employed to extract sequential features of the slices. Additionally, we introduce a Siamese network to evaluate the similarity between different code fragments, enhancing the model's ability to recognize unknown vulnerability patterns. Experimental results demonstrate that our approach performs exceptionally well in binary program vulnerability detection, significantly improving both the accuracy and efficiency of the detection process.

Jinfu Chen,Yemin Yin,Saihua Cai,Weijia Wang,Shengran Wang,Jiming Chen

DOI: https://doi.org/10.1016/j.scico.2024.103156

IF: 1.039

2024-01-01

Science of Computer Programming

Abstract:Software vulnerability detection is a challenging task in the security field, the boom of deep learning technology promotes the development of automatic vulnerability detection. Compared with sequence-based deep learning models, graph neural network (GNN) can learn the structural features of code, it performs well in the field of vulnerability detection for source code. However, different GNNs have different detection results for the same code, and using a single kind of GNN may lead to high false positive rate and false negative rate. In addition, the complex structure of source code causes single GNN model cannot effectively learn their depth feature, thereby leading to low detection accuracy. To solve these limitations, we propose a software vulnerability detection model called iGnnVD based on the integrated graph neural networks. In the proposed iGnnVD model, the base detectors including GCN, GAT and APPNP are first constructed to capture the bidirectional information in the code graph structure with bidirectional structure; And then, the residual connection is used to aggregate the features while retaining the features each time; Finally, the convolutional layer is used to perform the aggregated classification. In addition, an integration module that analyses the detection results of three detectors for final classification is designed using a voting strategy to solve the problem of high false positive rate and false negative rate caused by using a single kind of base detector. We perform extensive experiments on three datasets and experimental results show that the proposed iGnnVD model can improve the detection accuracy of vulnerabilities in source code as well as reduce the false positive rate and false negative rate compared with existing deep learning-based vulnerability detection models, it also has good stability.

Lu Yu,Yuliang Lu,Yi Shen,Hui Huang,Kailong Zhu

DOI: https://doi.org/10.1109/access.2021.3064687

IF: 3.9

2021-01-01

IEEE Access

Abstract:Applying neural network technology to binary similarity detection has become a promising search topic, and vulnerability detection is an important application field of binary similarity detection. When embedding binary code into matrix by neural network, the problem of feature representation also needs to be solved in vulnerability detection. However, most of the current researches extract the syntax or structural features of binary code, and take basic block as the minimum analysis unit, which is relatively coarse. In addition, the structural features of binary functions are usually represented by the dependency graph. In the embedding process, only the neighbour information of the node can be obtained, ignoring the global information of the graph. To solve these two problems, we propose a two-channel feature extraction method to obtain semantic feature in finer granularity and represent the structural features globally instead of locally. Inspired by natural language process, we propose a contextual semantic feature extraction method to obtain different granularity features of binary functions. It takes instruction as the minimum analysis unit and obtains the semantic relationship between instructions. Meanwhile, in order to represent the structural feature of each function, we propose a neural GAE model instead of the widely used structure2vec model. In this way, we can preserve and reconstruct the control dependencies between the basic blocks in the whole graph. We have implemented a prototype system BEDetector, evaluated the effectiveness of its neural model and compared the accuracy of vulnerability function detection with state-of-the-art system. Besides, we choose the real-world firmware files as the detection target and prove that BEDetector can achieve a relatively high detection rate. BEDetector could reach a precision of 88.8%, 86.7% and 100% when ranking top-50 candidate functions in the detectio- of the CVE vulnerability function $ssl3_{}get_{}key_{}exchange$ , $ssl3_{}get_{}new_{}session_{}ticket$ and ${udhcp_{}get_{}option}$ , proving the efficiency of our method.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zhen Huang,Amy Aumpansub

2024-05-28

Abstract:Deep learning has been shown to be a promising tool in detecting software vulnerabilities. In this work, we train neural networks with program slices extracted from the source code of C/C++ programs to detect software vulnerabilities. The program slices capture the syntax and semantic characteristics of vulnerability-related program constructs, including API function call, array usage, pointer usage, and arithmetic expression. To achieve a strong prediction model for both vulnerable code and non-vulnerable code, we compare different types of training data, different optimizers, and different types of neural networks. Our result shows that combining different types of characteristics of source code and using a balanced number of vulnerable program slices and non-vulnerable program slices produce a balanced accuracy in predicting both vulnerable code and non-vulnerable code. Among different neural networks, BGRU with the ADAM optimizer performs the best in detecting software vulnerabilities with an accuracy of 92.49%.

Cryptography and Security,Machine Learning

LI Yan,QIANG Weizhong,LI Zhen,ZOU Deqing,JIN Hai

DOI: https://doi.org/10.11959/j.issn.2096-109x.2023085

2023-01-01

Abstract:In recent years,software vulnerabilities have been causing a multitude of security incidents,and the early discovery and patching of vulnerabilities can effectively reduce losses.Traditional rule-based vulnerability detection methods,relying upon rules defined by experts,suffer from a high false negative rate.Deep learning-based methods have the capability to automatically learn potential features of vulnerable programs.However,as software complexity increases,the precision of these methods decreases.On one hand,current methods mostly operate at the function level,thus unable to handle inter-procedural vulnerability samples.On the other hand,models such as BGRU and BLSTM exhibit performance degradation when confronted with long input sequences,and are not adept at capturing long-term dependencies in program statements.To address the aforementioned issues,the existing program slicing method has been optimized,enabling a comprehensive contextual analysis of vulnerabilities triggered across functions through the combination of intra-procedural and inter-procedural slicing.This facilitated the capture of the complete causal relationship of vulnerability triggers.Furthermore,a vulnerability detection task was conducted using a Transformer neural network architecture equipped with a multi-head attention mechanism.This architecture collectively focused on information from different representation subspaces,allowing for the extraction of deep features from nodes.Unlike recurrent neural networks,this approach resolved the issue of information decay and effectively learned the syntax and semantic information of the source program.Experimental results demonstrate that this method achieves an F1 score of 73.4%on a real software dataset.Compared to the comparative methods,it shows an improvement of 13.6%to 40.8%.Furthermore,it successfully detects several vulnerabilities in open-source software,confirming its effectiveness and applicability.

Tongshuai Wu,Liwei Chen,Gewangzi Du,Dan Meng,Gang Shi

DOI: https://doi.org/10.1109/tifs.2024.3374219

IF: 7.231

2024-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Detecting vulnerabilities in source code using deep learning models is emerging as a valuable research area. The key issue in using deep learning to detect vulnerabilities is the accurate representation. Current approaches for detecting vulnerabilities in C/C++ programs use functions or lines of code as the unit and only consider the basic syntactic structure of vulnerabilities. Unfortunately, functions and lines of code still have vulnerability-unrelated information, which is redundant for vulnerability features and is not conducive to deep learning models to learn accurate vulnerability patterns. This paper deeply analyzes the essential features of vulnerabilities and attacks. Then, we propose a novel variable-based deep learning vulnerability detection method for C/C++ that is more granular than existing function- or line of code-based vulnerability detection methods. Based on the triggering mechanism of vulnerabilities and typical memory attacks, we propose the concepts of key variables and insecure operations; these are used to propose new rules for determining the center point of code slices with more accurate vulnerability features. We propose the first ultra-fine-grained variable-based code slicing (UltraVCS) method by the new center point, which focuses on the vulnerability-related variable. This method removes as much vulnerability-unrelated information as possible to achieve more accurate vulnerability feature extraction. Experiments show that our approach can generate more code slices, achieve more precise vulnerability representation, and perform better vulnerability detection in open-source projects compared to state-of-the-art methods. Furthermore, we have discovered four zero-day vulnerabilities in real-world application scenarios in open-source projects.

computer science, theory & methods,engineering, electrical & electronic

Abdulrahman Hamman Adama Chukkol,Senlin Luo,Kashif Sharif,Yunusa Haruna,Muhammad Muhammad Abdullahi

2024-08-14

Abstract:Binary program vulnerability detection is critical for software security, yet existing deep learning approaches often rely on source code analysis, limiting their ability to detect unknown vulnerabilities. To address this, we propose VulCatch, a binary-level vulnerability detection framework. VulCatch introduces a Synergy Decompilation Module (SDM) and Kolmogorov-Arnold Networks (KAN) to transform raw binary code into pseudocode using CodeT5, preserving high-level semantics for deep analysis with tools like Ghidra and IDA. KAN further enhances feature transformation, enabling the detection of complex vulnerabilities. VulCatch employs word2vec, Inception Blocks, BiLSTM Attention, and Residual connections to achieve high detection accuracy (98.88%) and precision (97.92%), while minimizing false positives (1.56%) and false negatives (2.71%) across seven CVE datasets.

Cryptography and Security,Artificial Intelligence,Machine Learning,Software Engineering

Shigang Liu,Mahdi Dibaei,Yonghang Tai,Chao Chen,Jun Zhang,Yang Xiang

DOI: https://doi.org/10.1109/tii.2019.2942800

IF: 12.3

2020-01-01

IEEE Transactions on Industrial Informatics

Abstract:Internet of Things (IoT) integrates a variety of software (e.g., autonomous vehicles and military systems) in order to enable the advanced and intelligent services. These software increase the potential of cyber-attacks because an adversary can launch an attack using system vulnerabilities. Existing software vulnerability analysis methods used to be relying on human experts crafted features, which usually miss many vulnerabilities. It is important to develop an automatic vulnerability analysis system to improve the countermeasures. However, source code is not always available (e.g., most IoT related industry software are closed source). Therefore, vulnerability detection on binary code is a demanding task. This article addresses the automatic binary-level software vulnerability detection problem by proposing a deep learning-based approach. The proposed approach consists of two phases: binary function extraction, and model building. First, we extract binary functions from the cleaned binary instructions obtained by using IDA Pro. Then, we employ the attention mechanism on top of a bidirectional long short-term memory for building the predictive model. To show the effectiveness of the proposed approach, we have collected datasets from several different sources. We have compared our proposed approach with a series of baselines including source code-based techniques and binary code-based techniques. We have also applied the proposed approach to real-world IoT related software such as VLC media player and LibTIFF project that used on Autonomous Vehicles. Experimental results show that our proposed approach betters the baselines and is able to detect more vulnerabilities.

Andreas Schaad,Dominik Binder

DOI: https://doi.org/10.48550/arXiv.2212.01254

2022-11-25

Cryptography and Security

Abstract:The identification of vulnerabilities is an important element in the software development life cycle to ensure the security of software. While vulnerability identification based on the source code is a well studied field, the identification of vulnerabilities on basis of a binary executable without the corresponding source code is more challenging. Recent research [1] has shown, how such detection can be achieved by deep learning methods. However, that particular approach is limited to the identification of only 4 types of vulnerabilities. Subsequently, we analyze to what extent we could cover the identification of a larger variety of vulnerabilities. Therefore, a supervised deep learning approach using recurrent neural networks for the application of vulnerability detection based on binary executables is used. The underlying basis is a dataset with 50,651 samples of vulnerable code in the form of a standardized LLVM Intermediate Representation. The vectorised features of a Word2Vec model are used to train different variations of three basic architectures of recurrent neural networks (GRU, LSTM, SRNN). A binary classification was established for detecting the presence of an arbitrary vulnerability, and a multi-class model was trained for the identification of the exact vulnerability, which achieved an out-of-sample accuracy of 88% and 77%, respectively. Differences in the detection of different vulnerabilities were also observed, with non-vulnerable samples being detected with a particularly high precision of over 98%. Thus, the methodology presented allows an accurate detection of 23 (compared to 4 [1]) vulnerabilities.

Xiaonan Song,Aimin Yu,Haibo Yu,Shirun Liu,Xin Bai,Lijun Cai,Dan Meng

DOI: https://doi.org/10.1109/trustcom50675.2020.00049

2020-01-01

Abstract:Vulnerabilities in software will not only lead to security problems of the software itself, but also cause the spread of vulnerabilities through code clones. It is important to detect and locate vulnerabilities among the source code to facilitate the fix. Although many methods are proposed to detect code clones in source code, most of them fail to detect code clones that involve statement addition and deletion effectively or are not suitable for vulnerability detection. In this paper, we propose a method that can detect vulnerabilities caused by code clones. Program slices are used to filter statements that are not related to vulnerabilities and extract important vulnerable statements in function. Hash function and bitvector are applied to improve efficiency during the detection. The results are displayed in html, among which the vulnerable statements are highlighted to help subsequent patching work. Our method is evaluated on open source software (Openssl, Linux Kernel, FFmpeg and QEMU). The results of experiments show that our method detects 12.72% more vulnerable clones in acceptable time compared with Vuddy, proving the effectiveness of our method.

Lei Cui,Zhiyu Hao,Yang Jiao,Haiqiang Fei,Xiaochun Yun

DOI: https://doi.org/10.1109/tifs.2020.3047756

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Code similarity is one promising approach to detect vulnerabilities hidden in software programs. However, due to the complexity and diversity of source code, current methods suffer low accuracy, high false negative and poor performance, especially in analyzing a large program. In this paper, we propose to tackle these problems by presenting VulDetector, a static-analysis tool to detect C/C++ vulnerabilities based on graph comparison at the granularity of function. At the key of VulDetector is a weighted feature graph (WFG) model which characterizes function with a small yet semantically rich graph. It first pinpoints vulnerability-sensitive keywords to slice the control flow graph of a function, thereby reducing the graph size without compromising security-related semantics. Then, each sliced subgraph is characterized using WFG, which provides both syntactic and semantic features in varying degrees of security. As for graph comparison, we take full usage of vulnerability graph and patch graph to improve accuracy. In addition, we propose two optimization methods based on analysis of vulnerabilities. We have implemented VulDetector to automatically detect vulnerabilities in software programs with known vulnerabilities. The experimental results prove the effectiveness and efficiency of VulDetector.

Yulin Zhang,Yong Hu,Xiao Chen

DOI: https://doi.org/10.3390/s24051351

IF: 3.9

2024-02-20

Sensors

Abstract:With the increasing use of open-source libraries and secondary development, software projects face security vulnerabilities. Existing studies on source code vulnerability detection rely on natural language processing techniques, but they overlook the intricate dependencies in programming languages. To address this, we propose a framework called Context and Multi-Features-based Vulnerability Detection (CMFVD). CMFVD integrates source code graphs and textual sequences, using a novel slicing method called Context Slicing to capture contextual information. The framework combines graph convolutional networks (GCNs) and bidirectional gated recurrent units (BGRUs) with attention mechanisms to extract local semantic and syntactic information. Experimental results on Software Assurance Reference Datasets (SARDs) demonstrate CMFVD's effectiveness, achieving the highest F1-score of 0.986 and outperforming other models. CMFVD offers a promising approach to identifying and rectifying security flaws in large-scale codebases.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Xiaoyu Yi,Jun Wu,Gaolei Li,Ali Kashif Bashir,Jianhua Li,Ahmad Ali AlZubi

DOI: https://doi.org/10.1109/tnse.2022.3199990

IF: 6.6

2022-01-01

IEEE Transactions on Network Science and Engineering

Abstract:Healthcare cyber physical systems (HCPS) always pursuing high availability allow software providers to adopt multiple kinds of development languages to reuse third-party program codes, while leading to the wide propagation of hidden software vulnerabilities. However, it is impossible to accurately trace execution paths and locate the key elements during the software execution process, which makes semantic features of vulnerabilities in the binary code can not bed extracted. This is the key support in automated vulnerability detection practices. To address these problems, a novel fast vulnerability detection mechanism based on recurrent semantic learning is proposed, which does not require high-level permissions to access the compiling process and traverse all execution paths. Firstly, a programframe is constructed to integrate software run-time logic and executing environment, detecting vulnerabilities from multi-programming language binary codes. Secondly, to achieve the powerful software execution context-awareness ability, a cascaded-LSTM recurrent neural network is designated to extract semantic features from binary files with vulnerabilities. Besides, we establish an experimental toolkit named an intelligent vulnerability detector (IntVD) to demonstrate the effectiveness of the proposed methods. Extensive and practical experiments validate that the vulnerability recognition accuracy on the HCPS software including VLC and LibTIFF can reach more than 95%.

engineering, multidisciplinary,mathematics, interdisciplinary applications

Abdulrahman Hamman Adama Chukkol,Senlin Luo,Haruna Yunusa,Abdulganiyu Abdu Yusuf,Abulfatahi Mohammed

DOI: https://doi.org/10.1145/3638584.3638599

2024-01-01

Abstract:Identifying vulnerabilities in binary code with precision is a critical area of study in the field of software security. Most existing techniques fail to pinpoint the vulnerability's exact location, due to the extensive labelled data requirement and lack of targeted approach to improve on the problematic code. In this paper, we introduce VulPin, a system specifically designed to pinpoint vulnerabilities in binary code. This framework uses a hierarchical attention network that analyze program slices along with a vulnerability position matrix. Experimental outcomes indicate that our framework not only outperforms existing approaches but also pinpoints vulnerabilities more rapidly with a high Accuracy and a very low rate of false positives.

Han Yan,Senlin Luo,Limin Pan,Yifei Zhang

DOI: https://doi.org/10.1016/j.cose.2021.102286

IF: 5.105

2021-01-01

Computers & Security

Abstract:Deep learning has shown effectiveness in binary software vulnerability detection due to its outstanding feature extraction capability independent of human expert experience. However, detection approaches such as Instruction2vec still have the following defects: (1) the context between an instruction’s elements (opcode, registers, etc.) is not fully incorporated when embedding a single instruction into its vector representation; (2) the crucial regions that related to vulnerability are not highlighted when extracting features of the vulnerable code. In this paper, we propose a hierarchical attention network for binary software vulnerability detection (HAN-BSVD). Through HAN-BSVD, the contextual information is first enriched by the preprocessor with unifying jump address and normalizing instruction, and then preserved by the instruction embedding network that composed of Bi-GRU and word-attention module; the local features are captured and the crucial regions are highlighted by the feature extraction network that composed of Text-CNN and spatial-attention module. The proposed approach is evaluated on the Juliet Test Suite dataset and the ICLR19 dataset, detection result performs better than the other compared approaches. Extensive ablation studies are also conducted to further prove the effectiveness of each design choice.

Zhujuan Ma,Jiaqi Chang,Erzhou Zhu,Binghao Cao

DOI: https://doi.org/10.1109/CSCWD57460.2023.10152764

2023-05-24

Abstract:Many of software vulnerability detection methods suffer from problems of dependent on expert experience, rough detection granularity, and incomplete syntax and semantics information on source codes. This paper proposes the VDDA, Vulnerability Detection based on Deep learning and Attention mechanism, an effective software vulnerability detection model based on deep learning and the attention mechanism. In the VDDA, deep learning technology is used to construct the underlying classifier to avoid the feature engineering of traditional machine learning techniques. The Joren slice tool combined with the code attribute graph (CPG) optimization is used to simplify the source code before it is fed to the Bidirectional Long Short-Term Memory (BLSTM) deep model. Meanwhile, the attention mechanism is employed to improve the efficiency and accuracy of vulnerability detection. Experiment results have demonstrated that the proposed VDDA model is more effective than the existing vulnerability detection methods.

Computer Science

Wenjing Cai,Junlin Chen,Jiaping Yu,Lipeng Gao

DOI: https://doi.org/10.1016/j.infsof.2023.107328

IF: 3.9

2023-12-01

Information and Software Technology

Abstract:The increasing size and complexity of software programs have made them an integral part of modern society’s infrastructure, making software vulnerabilities a major threat to computer security. To address this issue, the use of deep learning-based software vulnerability detection methods has become increasingly popular. Although the effectiveness of the deep learning-based methods has been demonstrated, these methods have faced challenges in scalability and detection performance. To tackle this challenge, we propose a new vulnerability detection method based on deep learning with complex network analysis and subgraph partition that enhances detection accuracy while maintaining scalability. The method uses complex network analysis theory to convert the CPG into an image-like matrix, and then utilizes TextCNN for vulnerability detection. As a result, our method shows a 6% improvement in accuracy and a 10% reduction in false positive rates compared to state-of-the-art methods. In addition, our approach is able to detect some of the vulnerabilities recently released by CVE.

computer science, information systems, software engineering

Jin Wang,Hui Xiao,Shuwen Zhong,Yinhao Xiao

DOI: https://doi.org/10.1016/j.future.2023.05.016

IF: 7.307

2023-05-28

Future Generation Computer Systems

Abstract:Software vulnerabilities can pose severe harms to a computing system. They can lead to system crash, privacy leakage, or even physical damage. Correctly identifying vulnerabilities among enormous software codes in a timely manner is so far the essential prerequisite to patch them. Unfortantely, the current vulnerability identification methods, either the classic ones or the deep-learning-based ones, have several critical drawbacks, making them unable to meet the present-day demands put forward by the software industry. To overcome the drawbacks, in this paper, we propose DeepVulSeeker, a novel fully automated vulnerability identification framework, which leverages both code graph structures and the semantic features with the help of the recently advanced Graph Representation Self-Attention and pre-training mechanisms. Our experiments show that DeepVulSeeker not only reaches an accuracy as high as 0.99 on traditional CWE datasets, but also outperforms all other exisiting methods on two highly-complicated datasets. We also testified DeepVulSeeker based on three case studies, and found that DeepVulSeeker is able to understand the implications of the vulnerbilities. We have fully implemented DeepVulSeeker and open-sourced it for future follow-up research.

computer science, theory & methods