Chao Ni,Xinrong Guo,Yan Zhu,Xiaodan Xu,Xiaohu Yang

DOI: https://doi.org/10.1109/ase56229.2023.00084

2024-01-01

Abstract:Software vulnerabilities damage the functionality of software systems. Recently, many deep learning-based approaches have been proposed to detect vulnerabilities at the function level by using one or a few different modalities (e.g., text representation, graph-based representation) of the function and have achieved promising performance. However, some of these existing studies have not completely leveraged these diverse modalities, particularly the underutilized image modality, and the others using images to represent functions for vulnerability detection have not made adequate use of the significant graph structure underlying the images. In this paper, we propose MVulD, a multi-modal-based function-level vulnerability detection approach, which utilizes multi-modal features of the function (i.e., text representation, graph representation, and image representation) to detect vulnerabilities. Specifically, MVulD utilizes a pre-trained model (i.e., UniXcoder) to learn the semantic information of the textual source code, employs the graph neural network to distill graph-based representation, and makes use of computer vision techniques to obtain the image representation while retaining the graph structure of the function. We conducted a large-scale experiment on 25,816 functions. The experimental results show that MVulD improves four state-of-the-art baselines by 30.8%-81.3%, 12.8%-27.4%, 48.8%-115%, and 22.9%-141% in terms of F1-score, Accuracy, Precision, and PR-AUC respectively.

Jinfu Chen,Weijia Wang,Bo Liu,Saihua Cai,Dave Towey,Shengran Wang

DOI: https://doi.org/10.1016/j.infsof.2024.107453

IF: 3.9

2024-03-29

Information and Software Technology

Abstract:Context: Desirable characteristics in vulnerability-detection (VD) systems (VDSs) include both good detection capability (high accuracy, low false positive rate, low false negative rate, etc.) and low time overheads. The widely used VDSs based on models such as Recurrent Neural Networks (RNNs) have some problems, such as low time efficiency, failing to learn the vulnerability features better, and insufficent amounts of vulnerability features. Therefore, it is very important to construct an automatic detection model with high detection accuracy. Objective: This paper reports on training based on the source code to analyze and learn from the code's patterns and structures by deep-learning techniques to generate an efficient VD model that does not require manual feature design. Method: We propose a software VD model based on multi-feature fusion and deep neural networks called AIdetectorX-SP. It first uses a Temporal Convolutional Network (TCN) and adds a Self-attention Mechanism (SaM) to the TCN to build a model for extracting vulnerability logic features, then transforms the source code into an image input to a Convolutional Neural Network (CNN) to extract structural and semantic information. Finally, we use feature-fusion technology to design and implement an improved deep-learning-based VDS, called AIdetectorX Sequence with Picturization (AIdetectorX-SP). Results: We report on experiments conducted using publicly-available and widely-used datasets to evaluate the effectiveness of AIdetectorX-SP, with results indicating that AIdetectorX-SP is an effective VDS; that the combination of TCN and SaM can effectively extract vulnerability logic features; and that the pictorial code can extract code structure features, which can further improve the VD capability. Conclusion: In this paper, we propose a novel detection model for software vulnerability based on TCNs, SaM, and software picturization. The proposed model solves some shortcomings and limitations of existing VDSs, and obtains a high software-VD accuracy with a high degree of stability.

computer science, information systems, software engineering

Zhen Li,Deqing Zou,Shouhuai Xu,Hai Jin,Yawei Zhu,Zhaoxuan Chen

DOI: https://doi.org/10.1109/tdsc.2021.3051525

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The detection of software vulnerabilities (or vulnerabilities for short) is an important problem that has yet to be tackled, as manifested by the many vulnerabilities reported on a daily basis. This calls for machine learning methods for vulnerability detection. Deep learning is attractive for this purpose because it alleviates the requirement to manually define features. Despite the tremendous success of deep learning in other application domains, its applicability to vulnerability detection is not systematically understood. In order to fill this void, we propose the first systematic framework for using deep learning to detect vulnerabilities in C/C++ programs with source code. The framework, dubbed Syntax-based, Semantics-based, and Vector Representations (SySeVR), focuses on obtaining program representations that can accommodate syntax and semantic information pertinent to vulnerabilities. Our experiments with four software products demonstrate the usefulness of the framework: we detect 15 vulnerabilities that are not reported in the National Vulnerability Database. Among these 15 vulnerabilities, seven are unknown and have been reported to the vendors, and the other eight have been "silently" patched by the vendors when releasing newer versions of the pertinent software products.

computer science, information systems, software engineering, hardware & architecture

Andreas Schaad,Dominik Binder

DOI: https://doi.org/10.48550/arXiv.2212.01254

2022-11-25

Cryptography and Security

Abstract:The identification of vulnerabilities is an important element in the software development life cycle to ensure the security of software. While vulnerability identification based on the source code is a well studied field, the identification of vulnerabilities on basis of a binary executable without the corresponding source code is more challenging. Recent research [1] has shown, how such detection can be achieved by deep learning methods. However, that particular approach is limited to the identification of only 4 types of vulnerabilities. Subsequently, we analyze to what extent we could cover the identification of a larger variety of vulnerabilities. Therefore, a supervised deep learning approach using recurrent neural networks for the application of vulnerability detection based on binary executables is used. The underlying basis is a dataset with 50,651 samples of vulnerable code in the form of a standardized LLVM Intermediate Representation. The vectorised features of a Word2Vec model are used to train different variations of three basic architectures of recurrent neural networks (GRU, LSTM, SRNN). A binary classification was established for detecting the presence of an arbitrary vulnerability, and a multi-class model was trained for the identification of the exact vulnerability, which achieved an out-of-sample accuracy of 88% and 77%, respectively. Differences in the detection of different vulnerabilities were also observed, with non-vulnerable samples being detected with a particularly high precision of over 98%. Thus, the methodology presented allows an accurate detection of 23 (compared to 4 [1]) vulnerabilities.

Jin Wang,Hui Xiao,Shuwen Zhong,Yinhao Xiao

DOI: https://doi.org/10.1016/j.future.2023.05.016

IF: 7.307

2023-05-28

Future Generation Computer Systems

Abstract:Software vulnerabilities can pose severe harms to a computing system. They can lead to system crash, privacy leakage, or even physical damage. Correctly identifying vulnerabilities among enormous software codes in a timely manner is so far the essential prerequisite to patch them. Unfortantely, the current vulnerability identification methods, either the classic ones or the deep-learning-based ones, have several critical drawbacks, making them unable to meet the present-day demands put forward by the software industry. To overcome the drawbacks, in this paper, we propose DeepVulSeeker, a novel fully automated vulnerability identification framework, which leverages both code graph structures and the semantic features with the help of the recently advanced Graph Representation Self-Attention and pre-training mechanisms. Our experiments show that DeepVulSeeker not only reaches an accuracy as high as 0.99 on traditional CWE datasets, but also outperforms all other exisiting methods on two highly-complicated datasets. We also testified DeepVulSeeker based on three case studies, and found that DeepVulSeeker is able to understand the implications of the vulnerbilities. We have fully implemented DeepVulSeeker and open-sourced it for future follow-up research.

computer science, theory & methods

Abdulrahman Hamman Adama Chukkol,Senlin Luo,Kashif Sharif,Yunusa Haruna,Muhammad Muhammad Abdullahi

2024-08-14

Abstract:Binary program vulnerability detection is critical for software security, yet existing deep learning approaches often rely on source code analysis, limiting their ability to detect unknown vulnerabilities. To address this, we propose VulCatch, a binary-level vulnerability detection framework. VulCatch introduces a Synergy Decompilation Module (SDM) and Kolmogorov-Arnold Networks (KAN) to transform raw binary code into pseudocode using CodeT5, preserving high-level semantics for deep analysis with tools like Ghidra and IDA. KAN further enhances feature transformation, enabling the detection of complex vulnerabilities. VulCatch employs word2vec, Inception Blocks, BiLSTM Attention, and Residual connections to achieve high detection accuracy (98.88%) and precision (97.92%), while minimizing false positives (1.56%) and false negatives (2.71%) across seven CVE datasets.

Cryptography and Security,Artificial Intelligence,Machine Learning,Software Engineering

Aidong Xu,Tao Dai,Huajun Chen,Zhe Ming,Weining Li

DOI: https://doi.org/10.1109/icsai.2018.8599360

2018-01-01

Abstract:With the development of Internet technology, software vulnerabilities have become a major threat to current computer security. In this work, we propose the vulnerability detection for source code using Contextual LSTM. Compared with CNN and LSTM, we evaluated the CLSTM on 23185 programs, which are collected from SARD. We extracted the features through the program slicing. Based on the features, we used the natural language processing to analysis programs with source code. The experimental results demonstrate that CLSTM has the best performance for vulnerability detection, reaching the accuracy of 96.711% and the F1 score of 0.96984.

Lu Yu,Yuliang Lu,Yi Shen,Hui Huang,Kailong Zhu

DOI: https://doi.org/10.1109/access.2021.3064687

IF: 3.9

2021-01-01

IEEE Access

Abstract:Applying neural network technology to binary similarity detection has become a promising search topic, and vulnerability detection is an important application field of binary similarity detection. When embedding binary code into matrix by neural network, the problem of feature representation also needs to be solved in vulnerability detection. However, most of the current researches extract the syntax or structural features of binary code, and take basic block as the minimum analysis unit, which is relatively coarse. In addition, the structural features of binary functions are usually represented by the dependency graph. In the embedding process, only the neighbour information of the node can be obtained, ignoring the global information of the graph. To solve these two problems, we propose a two-channel feature extraction method to obtain semantic feature in finer granularity and represent the structural features globally instead of locally. Inspired by natural language process, we propose a contextual semantic feature extraction method to obtain different granularity features of binary functions. It takes instruction as the minimum analysis unit and obtains the semantic relationship between instructions. Meanwhile, in order to represent the structural feature of each function, we propose a neural GAE model instead of the widely used structure2vec model. In this way, we can preserve and reconstruct the control dependencies between the basic blocks in the whole graph. We have implemented a prototype system BEDetector, evaluated the effectiveness of its neural model and compared the accuracy of vulnerability function detection with state-of-the-art system. Besides, we choose the real-world firmware files as the detection target and prove that BEDetector can achieve a relatively high detection rate. BEDetector could reach a precision of 88.8%, 86.7% and 100% when ranking top-50 candidate functions in the detectio- of the CVE vulnerability function $ssl3_{}get_{}key_{}exchange$ , $ssl3_{}get_{}new_{}session_{}ticket$ and ${udhcp_{}get_{}option}$ , proving the efficiency of our method.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jian Gao,Xin Yang,Yu Jiang,Houbing Song,Kim-Kwang Raymond Choo,Jiaguang Sun

DOI: https://doi.org/10.1109/tii.2019.2947432

IF: 12.3

2021-01-01

IEEE Transactions on Industrial Informatics

Abstract:The rapid development of Internet of Things (IoT) has triggered more security requirements than ever, especially in detecting vulnerabilities in various IoT devices. The widely used clone-based vulnerability search methods are effective on source code; however, their performance is limited in IoT binary search. In this article, we present IoTSeeker, a function semantic learning based vulnerability search approach for cross-platform IoT binary. First, we construct the function semantic graph to capture both the data flow and control flow information and encode lightweight semantic features of each basic block within the semantic graph as numerical vectors. Then, the embedding vector of the whole binary function is generated by feeding the numerical vectors of basic blocks to our customized semantics aware neural network model. Finally, the cosine distance of two embedding vectors is calculated to determine whether a binary function contains a known vulnerability. The experiments show that IoTSeeker outperforms the state-of-the-art approaches for identifying cross-platform IoT binary vulnerabilities. For example, compared to Gemini, IoTSeeker finds 12.68% more vulnerabilities in the top-50 candidates, and improves the value of AUC for 8.23%.

Junfeng Tian,Wenjing Xing,Zhen Li

DOI: https://doi.org/10.1016/j.infsof.2020.106289

IF: 3.9

2020-07-01

Information and Software Technology

Abstract:<h3 class="u-h4 u-margin-m-top u-margin-xs-bottom">Context</h3><p><em>:</em> Software vulnerability detection is essential to ensure cybersecurity. Currently, most software is published in binary form, thus researchers can only detect vulnerabilities in these software by analysing binary programs. Although existing research approaches have made a substantial contribution to binary vulnerability detection, there are still many deficiencies, such as high false positive rate, detection with coarse granularity, and dependence on expert experience.</p><h3 class="u-h4 u-margin-m-top u-margin-xs-bottom">Objective</h3><p><em>:</em> The goal of this study is to perform fine-grained intelligent detection on the vulnerabilities in binary programs. This leads us to propose a fine-grained representation of binary programs and introduce deep learning techniques to intelligently detect the vulnerabilities.</p><h3 class="u-h4 u-margin-m-top u-margin-xs-bottom">Method</h3><p><em>:</em> We use program slices of library/API function calls to represent binary programs. Additionally, we design and construct a Binary Gated Recurrent Unit (BGRU) network model to intelligently learn vulnerability patterns and automatically detect vulnerabilities in binary programs.</p><h3 class="u-h4 u-margin-m-top u-margin-xs-bottom">Results</h3><p><em>:</em> This approach yields the design and implementation of a program slice-based binary code vulnerability intelligent detection system called BVDetector. We show that BVDetector can effectively detect vulnerabilities related to library/API function calls in binary programs, which reduces the false positive rate and false negative rate of vulnerability detection.</p><h3 class="u-h4 u-margin-m-top u-margin-xs-bottom">Conclusion</h3><p><em>:</em> This paper proposes a program slice-based binary code vulnerability intelligent detection system called BVDetector. The experimental results show that BVDetector can effectively reduce the false negative rate and false positive rate of binary vulnerability detection.</p>

computer science, information systems, software engineering

Mohamed Mjd Alhafi,Mohammad Hammade,Khloud Al Jallad

DOI: https://doi.org/10.33140/JCTCSR

2023-05-09

Abstract:Application security is an essential part of developing modern software, as lots of attacks depend on vulnerabilities in software. The number of attacks is increasing globally due to technological advancements. Companies must include security in every stage of developing, testing, and deploying their software in order to prevent data breaches. There are several methods to detect software vulnerability Non-AI-based such as Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). However, these approaches have substantial false-positive and false-negative rates. On the other side, researchers have been interested in developing an AI-based vulnerability detection system employing deep learning models like BERT, BLSTM, etc. In this paper, we proposed a two-stage solution, two deep learning models were proposed for vulnerability detection in C/C++ source codes, the first stage is CNN which detects if the source code contains any vulnerability (binary classification model) and the second stage is CNN-LTSM that classifies this vulnerability into a class of 50 different types of vulnerabilities (multiclass classification model). Experiments were done on SySeVR dataset. Results show an accuracy of 99% for the first and 98% for the second stage.

Cryptography and Security,Artificial Intelligence,Machine Learning

Jacob A. Harer,Louis Y. Kim,Rebecca L. Russell,Onur Ozdemir,Leonard R. Kosta,Akshay Rangamani,Lei H. Hamilton,Gabriel I. Centeno,Jonathan R. Key,Paul M. Ellingwood,Erik Antelman,Alan Mackay,Marc W. McConley,Jeffrey M. Opper,Peter Chin,Tomo Lazovich

DOI: https://doi.org/10.48550/arXiv.1803.04497

2018-02-14

Software Engineering

Abstract:Thousands of security vulnerabilities are discovered in production software each year, either reported publicly to the Common Vulnerabilities and Exposures database or discovered internally in proprietary code. Vulnerabilities often manifest themselves in subtle ways that are not obvious to code reviewers or the developers themselves. With the wealth of open source code available for analysis, there is an opportunity to learn the patterns of bugs that can lead to security vulnerabilities directly from data. In this paper, we present a data-driven approach to vulnerability detection using machine learning, specifically applied to C and C++ programs. We first compile a large dataset of hundreds of thousands of open-source functions labeled with the outputs of a static analyzer. We then compare methods applied directly to source code with methods applied to artifacts extracted from the build process, finding that source-based models perform better. We also compare the application of deep neural network models with more traditional models such as random forests and find the best performance comes from combining features learned by deep models with tree-based models. Ultimately, our highest performing model achieves an area under the precision-recall curve of 0.49 and an area under the ROC curve of 0.87.

Shaji, Lijin,Pramila, R. Suji

DOI: https://doi.org/10.1007/s10878-024-01185-z

2024-08-23

Journal of Combinatorial Optimization

Abstract:Software vulnerabilities are flaws that may be exploited to cause loss or harm. Various automated machine-learning techniques have been developed in preceding studies to detect software vulnerabilities. This work tries to develop a technique for securing the software on the basis of their vulnerabilities that are already known, by developing a hybrid deep learning model to detect those vulnerabilities. Moreover, certain countermeasures are suggested based on the types of vulnerability to prevent the attack further. For different software projects taken as the dataset, feature fusion is done by utilizing canonical correlation analysis together with Deep Residual Network (DRN). A hybrid deep learning technique trained using AdamW-Rat Swarm Optimizer (AdamW-RSO) is designed to detect software vulnerability. Hybrid deep learning makes use of the Deep Belief Network (DBN) and Generative Adversarial Network (GAN). For every vulnerability, its location of occurrence within the software development procedures and techniques of alleviation via implementation level or design level activities are described. Thus, it helps in understanding the appearance of vulnerabilities, suggesting the use of various countermeasures during the initial phases of software design, and therefore, assures software security. Evaluating the performance of vulnerability detection by the proposed technique regarding recall, precision, and f-measure, it is found to be more effective than the existing methods.

mathematics, applied,computer science, interdisciplinary applications

Hazim Hanif,Mohd Hairul Nizam Md Nasir,Mohd Faizal Ab Razak,Ahmad Firdaus,Nor Badrul Anuar

DOI: https://doi.org/10.1016/j.jnca.2021.103009

IF: 7.574

2021-04-01

Journal of Network and Computer Applications

Abstract:The detection of software vulnerability requires critical attention during the development phase to make it secure and less vulnerable. Vulnerable software always invites hackers to perform malicious activities and disrupt the operation of the software, which leads to millions in financial losses to software companies. In order to reduce the losses, there are many reliable and effective vulnerability detection systems introduced by security communities aiming to detect the software vulnerabilities as early as in the development or testing phases. To summarise the software vulnerability detection system, existing surveys discussed the conventional and data mining approaches. These approaches are widely used and mostly consist of traditional detection techniques. However, they lack discussion on the newly trending machine learning approaches, such as supervised learning and deep learning techniques. Furthermore, existing studies fail to discuss the growing research interest in the software vulnerability detection community throughout the years. With more discussion on this, we can predict and focus on what are the research problems in software vulnerability detection that need to be urgently addressed. Aiming to reduce these gaps, this paper presents the research interests' taxonomy in software vulnerability detection, such as methods, detection, features, code and dataset. The research interest categories exhibit current trends in software vulnerability detection. The analysis shows that there is considerable interest in addressing methods and detection problems, while only a few are interested in code and dataset problems. This indicates that there is still much work to be done in terms of code and dataset problems in the future. Furthermore, this paper extends the machine learning approaches taxonomy, which is used to detect the software vulnerabilities, like supervised learning, semi-supervised learning, ensemble learning and deep learning. Based on the analysis, supervised learning and deep learning approaches are trending in the software vulnerability detection community as these techniques are able to detect vulnerabilities such as buffer overflow, SQL injection and cross-site scripting effectively with a significant detection performance, up to 95% of F1 score. Finally, this paper concludes with several discussions on potential future work in software vulnerability detection in terms of datasets, multi-vulnerabilities detection, transfer learning and real-world applications.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Shumaila Hussain,Muhammad Nadeem,Junaid Baber,Mohammed Hamdi,Adel Rajab,Mana Saleh Al Reshan,Asadullah Shaikh

DOI: https://doi.org/10.1038/s41598-024-56871-z

IF: 4.6

2024-03-30

Scientific Reports

Abstract:Software vulnerabilities pose a significant threat to system security, necessitating effective automatic detection methods. Current techniques face challenges such as dependency issues, language bias, and coarse detection granularity. This study presents a novel deep learning-based vulnerability detection system for Java code. Leveraging hybrid feature extraction through graph and sequence-based techniques enhances semantic and syntactic understanding. The system utilizes control flow graphs (CFG), abstract syntax trees (AST), program dependencies (PD), and greedy longest-match first vectorization for graph representation. A hybrid neural network (GCN-RFEMLP) and the pre-trained CodeBERT model extract features, feeding them into a quantum convolutional neural network with self-attentive pooling. The system addresses issues like long-term information dependency and coarse detection granularity, employing intermediate code representation and inter-procedural slice code. To mitigate language bias, a benchmark software assurance reference dataset is employed. Evaluations demonstrate the system's superiority, achieving 99.2% accuracy in detecting vulnerabilities, outperforming benchmark methods. The proposed approach comprehensively addresses vulnerabilities, including improper input validation, missing authorizations, buffer overflow, cross-site scripting, and SQL injection attacks listed by common weakness enumeration (CWE).

multidisciplinary sciences

Zhen Huang,Amy Aumpansub

2024-05-28

Abstract:Deep learning has been shown to be a promising tool in detecting software vulnerabilities. In this work, we train neural networks with program slices extracted from the source code of C/C++ programs to detect software vulnerabilities. The program slices capture the syntax and semantic characteristics of vulnerability-related program constructs, including API function call, array usage, pointer usage, and arithmetic expression. To achieve a strong prediction model for both vulnerable code and non-vulnerable code, we compare different types of training data, different optimizers, and different types of neural networks. Our result shows that combining different types of characteristics of source code and using a balanced number of vulnerable program slices and non-vulnerable program slices produce a balanced accuracy in predicting both vulnerable code and non-vulnerable code. Among different neural networks, BGRU with the ADAM optimizer performs the best in detecting software vulnerabilities with an accuracy of 92.49%.

Cryptography and Security,Machine Learning

Xin Li,Lu Wang,Yang Xin,Yixian Yang,Yuling Chen

DOI: https://doi.org/10.3390/app10051692

2020-03-02

Applied Sciences

Abstract:Vulnerability is one of the root causes of network intrusion. An effective way to mitigate security threats is to discover and patch vulnerabilities before an attack. Traditional vulnerability detection methods rely on manual participation and incur a high false positive rate. The intelligent vulnerability detection methods suffer from the problems of long-term dependence, out of vocabulary, coarse detection granularity and lack of vulnerable samples. This paper proposes an automated and intelligent vulnerability detection method in source code based on the minimum intermediate representation learning. First, the sample in the form of source code is transformed into a minimum intermediate representation to exclude the irrelevant items and reduce the length of the dependency. Next, the intermediate representation is transformed into a real value vector through pre-training on an extended corpus, and the structure and semantic information are retained. Then, the vector is fed to three concatenated convolutional neural networks to obtain high-level features of vulnerability. Last, a classifier is trained using the learned features. To validate this vulnerability detection method, an experiment was performed. The empirical results confirmed that compared with the traditional methods and the state-of-the-art intelligent methods, our method has a better performance with fine granularity.

Shibin Zhao,Junhu Zhu,Jianshan Peng

DOI: https://doi.org/10.32604/cmc.2024.041949

2024-01-01

Abstract:In recent years, the rapid development of computer software has led to numerous security problems, particularly software vulnerabilities. These flaws can cause significant harm to users' privacy and property. Current security defect detection technology relies on manual or professional reasoning, leading to missed detection and high false detection rates. Artificial intelligence technology has led to the development of neural network models based on machine learning or deep learning to intelligently mine holes, reducing missed alarms and false alarms. So, this XSS (Transform), and Structured Query Language (SQL) injection. Also, the project uses open-source Javalang to translate the Java source code, conducts a deep search on the AST to obtain the empty syntax feature library, and converts the Java source code into a dependency graph. The feature vector is then used as the learning target for the neural network. Four types of Convolutional Neural Networks (CNN), Long Short-Term Memory (LSTM), Bi-directional Long Short-Term Memory (BiLSTM), and Attention Mechanism + Bidirectional LSTM, are used to investigate various code defects, including blank pointer reference exception, XSS, and SQL injection defects. Experimental results show that the attention mechanism in two-dimensional BLSTM is the most effective for object recognition, verifying the correctness of the method.

Jian Gao,Xin Yang,Ying Fu,Yu Jiang,Heyuan Shi,Jiaguang Sun

DOI: https://doi.org/10.1145/3236024.3275524

2018-01-01

Abstract:Learning-based clone detection is widely exploited for binary vulnerability search. Although they solve the problem of high time overhead of traditional dynamic and static search approaches to some extent, their accuracy is limited, and need to manually identify the true positive cases among the top-M search results during the industrial practice. This paper presents VulSeeker-Pro, an enhanced binary vulnerability seeker that integrates function semantic emulation at the back end of semantic learning, to release the engineers from the manual identification work. It first uses the semantic learning based predictor to quickly predict the top-M candidate functions which are the most similar to the vulnerability from the target binary. Then the top-M candidates are fed to the emulation engine to resort, and more accurate top-N candidate functions are obtained. With fast filtering of semantic learning and dynamic trace generation of function semantic emulation, VulSeeker-Pro can achieve higher search accuracy with little time overhead. The experimental results on 15 known CVE vulnerabilities involving 6 industry widely used programs show that VulSeeker-Pro significantly outperforms the state-of-the-art approaches in terms of accuracy. In a total of 45 searches, VulSeeker-Pro finds 40 and 43 real vulnerabilities in the top-1 and top-5 candidate functions, which are 12.33× and 2.58× more than the most recent and related work Gemini. In terms of efficiency, it takes 0.22 seconds on average to determine whether the target binary function contains a known vulnerability or not.

Wenjing Cai,Junlin Chen,Jiaping Yu,Lipeng Gao

DOI: https://doi.org/10.1016/j.infsof.2023.107328

IF: 3.9

2023-12-01

Information and Software Technology

Abstract:The increasing size and complexity of software programs have made them an integral part of modern society’s infrastructure, making software vulnerabilities a major threat to computer security. To address this issue, the use of deep learning-based software vulnerability detection methods has become increasingly popular. Although the effectiveness of the deep learning-based methods has been demonstrated, these methods have faced challenges in scalability and detection performance. To tackle this challenge, we propose a new vulnerability detection method based on deep learning with complex network analysis and subgraph partition that enhances detection accuracy while maintaining scalability. The method uses complex network analysis theory to convert the CPG into an image-like matrix, and then utilizes TextCNN for vulnerability detection. As a result, our method shows a 6% improvement in accuracy and a 10% reduction in false positive rates compared to state-of-the-art methods. In addition, our approach is able to detect some of the vulnerabilities recently released by CVE.

computer science, information systems, software engineering