Zhijun Deng scite author profile

Abstract-The automatic detection of software vulnerabilities is an important research problem. However, existing solutions to this problem rely on human experts to define features and often miss many vulnerabilities (i.e., incurring high false negative rate). In this paper, we initiate the study of using deep learning-based vulnerability detection to relieve human experts from the tedious and subjective task of manually defining features. Since deep learning is motivated to deal with problems that are very different from the problem of vulnerability detection, we need some guiding principles for applying deep learning to vulnerability detection. In particular, we need to find representations of software programs that are suitable for deep learning. For this purpose, we propose using code gadgets to represent programs and then transform them into vectors, where a code gadget is a number of (not necessarily consecutive) lines of code that are semantically related to each other. This leads to the design and implementation of a deep learning-based vulnerability detection system, called Vulnerability Deep Pecker (VulDeePecker). In order to evaluate VulDeePecker, we present the first vulnerability dataset for deep learning approaches. Experimental results show that VulDeePecker can achieve much fewer false negatives (with reasonable false positives) than other approaches. We further apply VulDeePecker to 3 software products (namely Xen, Seamonkey, and Libav) and detect 4 vulnerabilities, which are not reported in the National Vulnerability Database but were "silently" patched by the vendors when releasing later versions of these products; in contrast, these vulnerabilities are almost entirely missed by the other vulnerability detection systems we experimented with.

show abstract

Efficient Cycle Frequency Acquisition of a Cyclostationary Signal with the FACA Method

Hu¹,

Yu²,

Deng³

et al. 2019

RADIOENGINEERING

View full text Add to dashboard Cite

The cycle frequencies of a cyclostationary signal can be used for the signal identification and classification, separation of the overlapped signals in cycle domain, and so on. Efficient cycle frequency acquisition depends on the fast measurement of cyclic autocorrelation function (CAF) or spectral correlation function (SCF) of the signal. Presently the relative efficient CAF and SCF measuring methods mainly include the cyclic correlogram, the well-known fast Fourier transform accumulation method (FAM), and so on. Motivated by these methods, a new efficient cycle frequency acquisition method which integrates the fast Fourier transform (FFT) algorithm with the autocorrelated cyclic autocorrelation function, named FACA, is presented. With the presented method, we can acquire the cycle frequencies of a cyclostationary signal more efficiently with a given level of reliability. Meanwhile, by enlarging the FFT window width of the FACA method we can get the same cycle frequency resolution as the benchmarked method FAM, but the computation cost still can be spared at this case.

show abstract

Automatically Identifying Security Bug Reports via Multitype Features Analysis

Zou

Deng

et al. 2018

View full text Add to dashboard Cite

Time-frequency Aliasing Separation Method of Radar Signal Based on Capsule Neural Network

Zhu

Chang

Yang

et al. 2020

View full text Add to dashboard Cite

Data link network technology of UAV system

Deng

2020

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Zhijun Deng

VulDeePecker: A Deep Learning-Based System for Vulnerability Detection

Efficient Cycle Frequency Acquisition of a Cyclostationary Signal with the FACA Method

Automatically Identifying Security Bug Reports via Multitype Features Analysis

Time-frequency Aliasing Separation Method of Radar Signal Based on Capsule Neural Network

Data link network technology of UAV system

Contact Info

Product

Resources

About