Guanjun Lin,Sheng Wen,Qing-Long Han,Jun Zhang,Yang Xiang

DOI: https://doi.org/10.1109/jproc.2020.2993293

IF: 20.6

2020-10-01

Proceedings of the IEEE

Abstract:The constantly increasing number of disclosed security vulnerabilities have become an important concern in the software industry and in the field of cybersecurity, suggesting that the current approaches for vulnerability detection demand further improvement. The booming of the open-source software community has made vast amounts of software code available, which allows machine learning and data mining techniques to exploit abundant patterns within software code. Particularly, the recent breakthrough application of deep learning to speech recognition and machine translation has demonstrated the great potential of neural models' capability of understanding natural languages. This has motivated researchers in the software engineering and cybersecurity communities to apply deep learning for learning and understanding vulnerable code patterns and semantics indicative of the characteristics of vulnerable code. In this survey, we review the current literature adopting deep-learning-/neural-network-based approaches for detecting software vulnerabilities, aiming at investigating how the state-of-the-art research leverages neural techniques for learning and understanding code semantics to facilitate vulnerability discovery. We also identify the challenges in this new field and share our views of potential research directions.

engineering, electrical & electronic

Chen Liang,Qiang Wei,Jiang Du,Yisen Wang,Zirui Jiang

DOI: https://doi.org/10.1016/j.cose.2024.104098

IF: 5.105

2025-01-01

Computers & Security

Abstract:Amidst the rapid development of the software industry and the burgeoning open-source culture, vulnerability detection within the software security domain has emerged as an ever-expanding area of focus. In recent years, the rapid advancement of artificial intelligence, particularly the notable progress in deep learning for pattern recognition and natural language processing, has catalyzed a surge in research endeavors exploring the integration of deep learning for the enhancement of vulnerability detection techniques.In this paper, we investigate contemporary deep learning-based source code analysis methods, with a concentrated emphasis on those pertaining to static code vulnerability detection. We categorize these methods based on various representations of source code employed during the preprocessing stage, including token-based and graph-based representations of source code, and further subdivided based on the types of deep learning algorithms or graph representations employed. We summarize the basic processes of model training and vulnerability detection under these different representation formats. Furthermore, we explore the limitations inherent in current approaches and provide insights into future trends and challenges for research in this field.

Nima Shiri Harzevili,Alvine Boaye Belle,Junjie Wang,Song Wang,Zhen Ming,Jiang,Nachiappan Nagappan

2023-06-21

Abstract:Software vulnerability detection is critical in software security because it identifies potential bugs in software systems, enabling immediate remediation and mitigation measures to be implemented before they may be exploited. Automatic vulnerability identification is important because it can evaluate large codebases more efficiently than manual code auditing. Many Machine Learning (ML) and Deep Learning (DL) based models for detecting vulnerabilities in source code have been presented in recent years. However, a survey that summarises, classifies, and analyses the application of ML/DL models for vulnerability detection is missing. It may be difficult to discover gaps in existing research and potential for future improvement without a comprehensive survey. This could result in essential areas of research being overlooked or under-represented, leading to a skewed understanding of the state of the art in vulnerability detection. This work address that gap by presenting a systematic survey to characterize various features of ML/DL-based source code level software vulnerability detection approaches via five primary research questions (RQs). Specifically, our RQ1 examines the trend of publications that leverage ML/DL for vulnerability detection, including the evolution of research and the distribution of publication venues. RQ2 describes vulnerability datasets used by existing ML/DL-based models, including their sources, types, and representations, as well as analyses of the embedding techniques used by these approaches. RQ3 explores the model architectures and design assumptions of ML/DL-based vulnerability detection approaches. RQ4 summarises the type and frequency of vulnerabilities that are covered by existing studies. Lastly, RQ5 presents a list of current challenges to be researched and an outline of a potential research roadmap that highlights crucial opportunities for future work.

Software Engineering

Jian Jiang,Xiangzhan Yu,Yan Sun,Haohua Zeng

DOI: https://doi.org/10.1007/978-3-030-24268-8_29

2019-01-01

Abstract:Nowadays, the study of vulnerability discovery has been attracted the widespread attention and the experts have proposed many different approaches in the past decades. To optimize the efficiency of the method, machine learning techniques are introduced into this area. In this paper, we provide an extensive review of the work in the field of software vulnerability discovery that utilize machine learning techniques. For the three key technologies of static analysis, symbolic execution and fuzzing in vulnerability discovery field, we first explain the basic principles respectively. Afterward, we review the research situation of software vulnerability discovery using machine learning techniques. Finally, we discuss both advantages and limitations of the approaches reviewed in the paper, and point out challenges and some uncharted territories in the three categories. In this paper, a brief study of the software vulnerability discovery using machine learning techniques is given, which is helpful to carry out the follow-up research work.

SUN Hongyu,HE Yuan,WANG Jice,DONG Ying,ZHU Lipeng,WANG He,ZHANG Yuqing

DOI: https://doi.org/10.11959/j.issn.1000-436x.2018137

2018-01-01

Abstract:The large number of software and the enhancement of complexity have brought severe challenges to the research of software security vulnerabilities.The efficiency of manual research on security vulnerabilities is low and cannot meet the needs of cyberspace security.Therefore,how to apply artificial intelligence techniques such as machine learning and natural language processing to the study of security vulnerabilities has become a new hot spot.Artificial intelligence technology can intelligently process vulnerability information,which can assist in the research of security vulnerabilities and improve the efficiency of research on security vulnerabilities such as vulnerability mining.Firstly,the key technologies of automatic mining,automatic assessment,automatic exploitation and automatic repair of security vulnerabilities were analyzed,which pointed out that the automation of security vulnerability mining was the key of the application of artificial intelligence in the field of security vulnerability.Then,the latest research results of applying artificial intelligence technology to the research on security vulnerabilities was analyzed and summarized in recent years,which pointed out some problems in the application and gave corresponding solutions.Finally,the development trend of intelligent research on security vulnerabilities was prospected.

Zhibin Guan,Xiaomeng Wang,Wei Xin,Jiajie Wang,Li Zhang

DOI: https://doi.org/10.1109/icccs49078.2020.9118556

2020-01-01

Abstract:With the rapid development of information technology, various software applications are flooding our daily lives. The development of these application software inevitably generates a lot of source code. How to detect and analyze various defects in the source code, such as API/Function call errors, array misuse, and expression syntax error, etc., which is known as source code defect analysis (SCDA), has attracted the attention of many researchers in the academic field. Since artificial intelligence (AI) technology has achieved excellent results in the field of image processing and natural language processing, researchers have tried to use deep learning algorithms in AI to automatically extract and analyze features of source code. Therefore, we review the recent deep learning-based source code defect analysis methods, including abstract syntax tree-based methods, program dependency graph-based methods, and other deep learning-based methods. Compared to traditional methods, the deep learning-based code defect analysis methods can realize the automatic extraction of source code defect features. This means that there is no longer a need for human experts to pre-define code features, which avoids errors caused by humans to a certain extent. The application research of AI in the source code defect analysis is an interesting and challenging development direction, and we believe it has broad development prospects.

Gong Jie,Kuang Xiao-hui,Liu Qiang

DOI: https://doi.org/10.1109/dsc.2016.33

2016-01-01

Abstract:With the increasingly rich of vulnerability related data and the extensive application of machine learning methods, software vulnerability analysis methods based on machine learning is becoming an important research area of information security. In this paper, the up-to-date and well-known works in this research area were analyzed deeply. A framework for software vulnerability analysis based on machine learning was proposed. And the existing works were described and compared, the limitations of these works were discussed. The future research directions on software vulnerability analysis based on machine learning were put forward in the end.

Jacob A. Harer,Louis Y. Kim,Rebecca L. Russell,Onur Ozdemir,Leonard R. Kosta,Akshay Rangamani,Lei H. Hamilton,Gabriel I. Centeno,Jonathan R. Key,Paul M. Ellingwood,Erik Antelman,Alan Mackay,Marc W. McConley,Jeffrey M. Opper,Peter Chin,Tomo Lazovich

DOI: https://doi.org/10.48550/arXiv.1803.04497

2018-02-14

Software Engineering

Abstract:Thousands of security vulnerabilities are discovered in production software each year, either reported publicly to the Common Vulnerabilities and Exposures database or discovered internally in proprietary code. Vulnerabilities often manifest themselves in subtle ways that are not obvious to code reviewers or the developers themselves. With the wealth of open source code available for analysis, there is an opportunity to learn the patterns of bugs that can lead to security vulnerabilities directly from data. In this paper, we present a data-driven approach to vulnerability detection using machine learning, specifically applied to C and C++ programs. We first compile a large dataset of hundreds of thousands of open-source functions labeled with the outputs of a static analyzer. We then compare methods applied directly to source code with methods applied to artifacts extracted from the build process, finding that source-based models perform better. We also compare the application of deep neural network models with more traditional models such as random forests and find the best performance comes from combining features learned by deep models with tree-based models. Ultimately, our highest performing model achieves an area under the precision-recall curve of 0.49 and an area under the ROC curve of 0.87.

Yingzhou Bi,Jiangtao Huang,Penghui Liu,Lianmei Wang

DOI: https://doi.org/10.48550/arXiv.2303.16362

2023-03-29

Abstract:Software vulnerabilities can have serious consequences, which is why many techniques have been proposed to defend against them. Among these, vulnerability detection techniques are a major area of focus. However, there is a lack of a comprehensive approach for benchmarking these proposed techniques. In this paper, we present the first survey that comprehensively investigates and summarizes the current state of software vulnerability detection benchmarking. We review the current literature on benchmarking vulnerability detection, including benchmarking approaches in technique-proposing papers and empirical studies. We also separately discuss the benchmarking approaches for traditional and deep learning-based vulnerability detection techniques. Our survey analyzes the challenges of benchmarking software vulnerability detection techniques and the difficulties involved. We summarize the challenges of benchmarking software vulnerability detection techniques and describe possible solutions for addressing these challenges.

Software Engineering

Zhongzheng Lai,Huaming Chen,Ruoxi Sun,Yu Zhang,Minhui Xue,Dong Yuan

2024-06-13

Abstract:The security guarantee of AI-enabled software systems (particularly using deep learning techniques as a functional core) is pivotal against the adversarial attacks exploiting software vulnerabilities. However, little attention has been paid to a systematic investigation of vulnerabilities in such systems. A common situation learned from the open source software community is that deep learning engineers frequently integrate off-the-shelf or open-source learning frameworks into their ecosystems. In this work, we specifically look into deep learning (DL) framework and perform the first systematic study of vulnerabilities in DL systems through a comprehensive analysis of identified vulnerabilities from Common Vulnerabilities and Exposures (CVE) and open-source DL tools, including TensorFlow, Caffe, OpenCV, Keras, and PyTorch. We propose a two-stream data analysis framework to explore vulnerability patterns from various databases. We investigate the unique DL frameworks and libraries development ecosystems that appear to be decentralized and fragmented. By revisiting the Common Weakness Enumeration (CWE) List, which provides the traditional software vulnerability related practices, we observed that it is more challenging to detect and fix the vulnerabilities throughout the DL systems lifecycle. Moreover, we conducted a large-scale empirical study of 3,049 DL vulnerabilities to better understand the patterns of vulnerability and the challenges in fixing them. We have released the full replication package at <a class="link-external link-https" href="https://github.com/codelzz/Vulnerabilities4DLSystem" rel="external noopener nofollow">this https URL</a>. We anticipate that our study can advance the development of secure DL systems.

Software Engineering,Artificial Intelligence

Fanqi Meng,Ren Huang,Jingdong Wang

DOI: https://doi.org/10.1109/iscon57294.2023.10112194

2023-01-01

Abstract:In the process of software development, software defects are inevitable. How to quickly and accurately identify defects and accurately deliver bug reports to the most appropriate repair personnel is very important for defect repair. In recent years, with the development of artificial intelligence, deep learning has been widely used in software defect research. This paper summarizes and analyzes the progress of software defect research based on deep learning in the past three years from four perspectives of software defect prediction, software defect identification, software defect analysis and bug report assignment. They are software defect prediction technology based on the TextCNN model and TextRNN model, a software defect identification technology based on LSTM, BiLSTM, DNCC, a software defect analysis technology based on the DAKSM model, and a software bug report assignment technology based on Atten-CRNN model. And compared these mentioned deep learning-based techniques with previous techniques in the field. After experiments, it is concluded that these models have good accuracy. At the same time, the related technologies involved are introduced in detail, as the problems that may be encountered in future research in this field and the development prospects prospect.

Shibin Zhao,Junhu Zhu,Jianshan Peng

DOI: https://doi.org/10.32604/cmc.2024.041949

2024-01-01

Abstract:In recent years, the rapid development of computer software has led to numerous security problems, particularly software vulnerabilities. These flaws can cause significant harm to users' privacy and property. Current security defect detection technology relies on manual or professional reasoning, leading to missed detection and high false detection rates. Artificial intelligence technology has led to the development of neural network models based on machine learning or deep learning to intelligently mine holes, reducing missed alarms and false alarms. So, this XSS (Transform), and Structured Query Language (SQL) injection. Also, the project uses open-source Javalang to translate the Java source code, conducts a deep search on the AST to obtain the empty syntax feature library, and converts the Java source code into a dependency graph. The feature vector is then used as the learning target for the neural network. Four types of Convolutional Neural Networks (CNN), Long Short-Term Memory (LSTM), Bi-directional Long Short-Term Memory (BiLSTM), and Attention Mechanism + Bidirectional LSTM, are used to investigate various code defects, including blank pointer reference exception, XSS, and SQL injection defects. Experimental results show that the attention mechanism in two-dimensional BLSTM is the most effective for object recognition, verifying the correctness of the method.

Zhen Li,Deqing Zou,Shouhuai Xu,Hai Jin,Yawei Zhu,Zhaoxuan Chen

DOI: https://doi.org/10.1109/tdsc.2021.3051525

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The detection of software vulnerabilities (or vulnerabilities for short) is an important problem that has yet to be tackled, as manifested by the many vulnerabilities reported on a daily basis. This calls for machine learning methods for vulnerability detection. Deep learning is attractive for this purpose because it alleviates the requirement to manually define features. Despite the tremendous success of deep learning in other application domains, its applicability to vulnerability detection is not systematically understood. In order to fill this void, we propose the first systematic framework for using deep learning to detect vulnerabilities in C/C++ programs with source code. The framework, dubbed Syntax-based, Semantics-based, and Vector Representations (SySeVR), focuses on obtaining program representations that can accommodate syntax and semantic information pertinent to vulnerabilities. Our experiments with four software products demonstrate the usefulness of the framework: we detect 15 vulnerabilities that are not reported in the National Vulnerability Database. Among these 15 vulnerabilities, seven are unknown and have been reported to the vendors, and the other eight have been "silently" patched by the vendors when releasing newer versions of the pertinent software products.

computer science, information systems, software engineering, hardware & architecture

Yan Wu,Jingyi Su,David D. Moran,Chris D. Near

DOI: https://doi.org/10.48550/arXiv.2301.06215

2023-01-15

Software Engineering

Abstract:The mass production of complex software has made it impossible to manually test it for security vulnerabilities. Automated security testing tools come in a variety of flavors, function at various stages of software development, and target different categories of software vulnerabilities. It is great that we have a plethora of automated tools to choose from, but it is a problem that their adoption and recognition are not prominent. The purpose of this study is to explore the possibilities of existing techniques while also broadening the horizon by exploring the future of security testing tools and related techniques.

Ahmed Abdu,Zhengjun Zhai,Redhwan Algabri,Hakim A. Abdo,Kotiba Hamad,Mugahed A. Al-antari

DOI: https://doi.org/10.3390/math10173120

IF: 2.4

2022-08-31

Mathematics

Abstract:Software defect prediction (SDP) methodology could enhance software's reliability through predicting any suspicious defects in its source code. However, developing defect prediction models is a difficult task, as has been demonstrated recently. Several research techniques have been proposed over time to predict source code defects. However, most of the previous studies focus on conventional feature extraction and modeling. Such traditional methodologies often fail to find the contextual information of the source code files, which is necessary for building reliable prediction deep learning models. Alternatively, the semantic feature strategies of defect prediction have recently evolved and developed. Such strategies could automatically extract the contextual information from the source code files and use them to directly predict the suspicious defects. In this study, a comprehensive survey is conducted to systematically show recent software defect prediction techniques based on the source code's key features. The most recent studies on this topic are critically reviewed through analyzing the semantic feature methods based on the source codes, the domain's critical problems and challenges are described, and the recent and current progress in this domain are discussed. Such a comprehensive survey could enable research communities to identify the current challenges and future research directions. An in-depth literature review of 283 articles on software defect prediction and related work was performed, of which 90 are referenced.

mathematics

Ezzeldin Shereen,Dan Ristea,Sanyam Vyas,Shae McFadden,Madeleine Dwyer,Chris Hicks,Vasilios Mavroudis

2024-12-15

Abstract:The frequent discovery of security vulnerabilities in both open-source and proprietary software underscores the urgent need for earlier detection during the development lifecycle. Initiatives such as DARPA's Artificial Intelligence Cyber Challenge (AIxCC) aim to accelerate Automated Vulnerability Detection (AVD), seeking to address this challenge by autonomously analyzing source code to identify vulnerabilities. This paper addresses two primary research questions: (RQ1) How is current AVD research distributed across its core components? (RQ2) What key areas should future research target to bridge the gap in the practical applicability of AVD throughout software development? To answer these questions, we conduct a systematization over 79 AVD articles and 17 empirical studies, analyzing them across five core components: task formulation and granularity, input programming languages and representations, detection approaches and key solutions, evaluation metrics and datasets, and reported performance. Our systematization reveals that the narrow focus of AVD research-mainly on specific tasks and programming languages-limits its practical impact and overlooks broader areas crucial for effective, real-world vulnerability detection. We identify significant challenges, including the need for diversified problem formulations, varied detection granularities, broader language support, better dataset quality, enhanced reproducibility, and increased practical impact. Based on these findings we identify research directions that will enhance the effectiveness and applicability of AVD solutions in software security.

Software Engineering,Artificial Intelligence

Hazim Hanif,Mohd Hairul Nizam Md Nasir,Mohd Faizal Ab Razak,Ahmad Firdaus,Nor Badrul Anuar

DOI: https://doi.org/10.1016/j.jnca.2021.103009

IF: 7.574

2021-04-01

Journal of Network and Computer Applications

Abstract:The detection of software vulnerability requires critical attention during the development phase to make it secure and less vulnerable. Vulnerable software always invites hackers to perform malicious activities and disrupt the operation of the software, which leads to millions in financial losses to software companies. In order to reduce the losses, there are many reliable and effective vulnerability detection systems introduced by security communities aiming to detect the software vulnerabilities as early as in the development or testing phases. To summarise the software vulnerability detection system, existing surveys discussed the conventional and data mining approaches. These approaches are widely used and mostly consist of traditional detection techniques. However, they lack discussion on the newly trending machine learning approaches, such as supervised learning and deep learning techniques. Furthermore, existing studies fail to discuss the growing research interest in the software vulnerability detection community throughout the years. With more discussion on this, we can predict and focus on what are the research problems in software vulnerability detection that need to be urgently addressed. Aiming to reduce these gaps, this paper presents the research interests' taxonomy in software vulnerability detection, such as methods, detection, features, code and dataset. The research interest categories exhibit current trends in software vulnerability detection. The analysis shows that there is considerable interest in addressing methods and detection problems, while only a few are interested in code and dataset problems. This indicates that there is still much work to be done in terms of code and dataset problems in the future. Furthermore, this paper extends the machine learning approaches taxonomy, which is used to detect the software vulnerabilities, like supervised learning, semi-supervised learning, ensemble learning and deep learning. Based on the analysis, supervised learning and deep learning approaches are trending in the software vulnerability detection community as these techniques are able to detect vulnerabilities such as buffer overflow, SQL injection and cross-site scripting effectively with a significant detection performance, up to 95% of F1 score. Finally, this paper concludes with several discussions on potential future work in software vulnerability detection in terms of datasets, multi-vulnerabilities detection, transfer learning and real-world applications.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Weina Niu,Xiaosong Zhang,Xiaojiang Du,Lingyuan Zhao,Rong Cao,Mohsen Guizani

DOI: https://doi.org/10.1016/j.measurement.2019.107139

IF: 5.6

2019-01-01

Measurement

Abstract:Computer system vulnerabilities, computer viruses, and cyber attacks are rooted in software vulnerabilities. Reducing software defects, improving software reliability and security are urgent problems in the development of software. The core content is the discovery and location of software vulnerability. However, traditional human experts-based approaches are labor-consuming and time-consuming. Thus, some automatic detection approaches are proposed to solve the problem. But, they have a high false negative rate. In this paper, a deep learning based static taint analysis approach is proposed to automatically locate Internet of Things (IoT) software vulnerability, which can relieve tedious manual analysis and improve detection accuracy. Deep learning is used to detect vulnerability since it considers the program context. Firstly, the taint from the difference file between the source program and its patched program selection rules are designed. Secondly, the taint propagation paths are got using static taint analysis. Finally, the detection model based on two-stage Bidirectional Long Short Term Memory (BLSTM) is applied to discover and locate software vulnerabilities. The Code Gadget Database is used to evaluate the proposed approach, which includes two types of vulnerabilities in C/C++ programs, buffer error vulnerability (CWE-119) and resource management error vulnerability (CWE-399). Experimental results show that our proposed approach can achieve an accuracy of 0.9732 for CWE-119 and 0.9721 for CWE-399, which is higher than that of the other three models (the accuracy of RNN, LSTM, and BLSTM is under than 0.97) and achieve a lower false negative rate and false positive rate than the other approaches. (C) 2019 Published by Elsevier Ltd.

Ruyan Lin,Yulong Fu,Wei Yi,Jincheng Yang,Jin Cao,Zhiqiang Dong,Fei Xie,Hui Li

DOI: https://doi.org/10.1145/3694782

IF: 16.6

2024-10-09

ACM Computing Surveys

Abstract:Over the past decade, Open Source Software (OSS) has experienced rapid growth and widespread adoption, attributed to its openness and editability. However, this expansion has also brought significant security challenges, particularly introducing and propagating software vulnerabilities. Despite the use of machine learning and formal methods to tackle these issues, there remains a notable gap in comprehensive surveys that summarize and analyze both Vulnerability Detection (VD) and Security Patch Detection (SPD) in OSS. This article seeks to bridge this gap through an extensive survey that evaluates 127 technical studies published between 2014 and 2023, structured around the Vulnerability-Patch lifecycle. We begin by delineating the six critical events that constitute the Vulnerability-Patch lifecycle, leading to an in-depth exploration of the Vulnerability-Patch ecosystem. We then systematically review the databases commonly used in VD and SPD, and analyze their characteristics. Subsequently, we examine existing VD methods, focusing on traditional and deep learning based approaches. Additionally, we organize current security patch identification methods by kernel type and discuss techniques for detecting the presence of security patches. Based on our comprehensive review, we identify open research questions and propose future research directions that merit further exploration.

computer science, theory & methods

Xueshuai Ge,Tieming Liu,Yaobin Xie,Yuanyuan Zhang

DOI: https://doi.org/10.1117/12.2683413

2023-01-01

Abstract:The mining and exploitation of security vulnerabilities have always been the focus of offensive and defensive confrontations. In recent years, with the application of technologies such as fuzzing in vulnerability mining, the number of discovered vulnerabilities continues to increase, which seriously threatens the security of the network world. With so many vulnerabilities, it is unrealistic to rely solely on manual analysis by security experts, which is not only costly, but also time-consuming, and cannot meet the needs of vulnerability assessment and defense. Therefore, an automated exploit solution for vulnerabilities is urgently needed to solve the problem of low efficiency of manual vulnerability assessment. Existing research has proposed some solutions and achieved certain results. The purpose of this paper is to review and analyze the existing typical research results.