A static technique for detecting input validation vulnerabilities in Android apps

Fang, Zhejun; Liu, Qixu; Zhang, Yuqing; Wang, Kai; Wang, Zhiqiang; Wu, Qingyun

doi:10.1007/s11432-015-5422-7

Cited by 16 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Pattern-based detectors can be further divided into rule-based ones and machine learningbased ones. Rule-based detectors [6], [7], [8], [9], [10], [11] can identify the vulnerable lines of code when they indeed correctly detect vulnerabilities, but often incur a low detection capability (because of their high false-positives and high false-negatives). Moreover, they require human analysts to define vulnerability detection rules.…”

Section: Introductionmentioning

confidence: 99%

VulDeeLocator: A Deep Learning-based Fine-grained Vulnerability Detector

Li,

Zou,

et al. 2020

Preprint

View full text Add to dashboard Cite

Automatically detecting software vulnerabilities is an important problem that has attracted much attention. However, existing vulnerability detectors still cannot achieve the vulnerability detection capability and locating precision that would warrant their adoption for real-world use. In this paper, we present Vulnerability Deep learning-based Locator (VulDeeLocator), a deep learning-based fine-grained vulnerability detector, for C programs with source code. VulDeeLocator advances the state-of-the-art by simultaneously achieving a high detection capability and a high locating precision. When applied to three real-world software products, VulDeeLocator detects four vulnerabilities that are not reported in the National Vulnerability Database (NVD); among these four vulnerabilities, three are not known to exist in these products until now, but the other one has been "silently" patched by the vendor when releasing newer versions of the vulnerable product. The core innovations underlying VulDeeLocator are (i) the leverage of intermediate code to accommodate semantic information that cannot be conveyed by source code-based representations, and (ii) the concept of granularity refinement for precisely pinning down locations of vulnerabilities.

show abstract

Section: Introductionmentioning

confidence: 99%

VulDeeLocator: A Deep Learning-based Fine-grained Vulnerability Detector

Li,

Zou,

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

“…The third category is the academic research methods. These academic research results are generally targeted at certain aspects of vulnerability detection and propose better vulnerability rules [39], [40], [41]. This approach largely relies on human experts to define rules.…”

Section: Rule-based Vulnerability Detectionmentioning

confidence: 99%

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

Zou

Wang

et al. 2019

IEEE Trans. Dependable and Secure Comput.

157

View full text Add to dashboard Cite

Fine-grained software vulnerability detection is an important and challenging problem. Ideally, a detection system (or detector) not only should be able to detect whether or not a program contains vulnerabilities, but also should be able to pinpoint the type of a vulnerability in question. Existing vulnerability detection methods based on deep learning can detect the presence of vulnerabilities (i.e., addressing the binary classification or detection problem), but cannot pinpoint types of vulnerabilities (i.e., incapable of addressing multiclass classification). In this paper, we propose the first deep learning-based system for multiclass vulnerability detection, dubbed µVulDeePecker. The key insight underlying µVulDeePecker is the concept of code attention, which can capture information that can help pinpoint types of vulnerabilities, even when the samples are small. For this purpose, we create a dataset from scratch and use it to evaluate the effectiveness of µVulDeePecker. Experimental results show that µVulDeePecker is effective for multiclass vulnerability detection and that accommodating control-dependence (other than data-dependence) can lead to higher detection capabilities.

show abstract

“…This types of approaches involve three categories: rule-based methods, traditional machine learning-based methods, and deep learning-based methods. Rule-based methods [4]- [8] and traditional machine learning-based methods [9]- [12] typically require human experts to define rules or features to generate vulnerability patterns. As a result, they need many manual efforts and are difficult to characterize the vulnerabilities accurately, thus achieve high false positives or high false negatives.…”

Section: Code Similarity-based Approaches Are Limited To Detectingmentioning

confidence: 99%

A Comparative Study of Deep Learning-Based Vulnerability Detection System

Zou

Tang

et al. 2019

IEEE Access

View full text Add to dashboard Cite

Source code static analysis has been widely used to detect vulnerabilities in the development of software products. The vulnerability patterns purely based on human experts are laborious and error prone, which has motivated the use of machine learning for vulnerability detection. In order to relieve human experts of defining vulnerability rules or features, a recent study shows the feasibility of leveraging deep learning to detect vulnerabilities automatically. However, the impact of different factors on the effectiveness of vulnerability detection is unknown. In this paper, we collect two datasets from the programs involving 126 types of vulnerabilities, on which we conduct the first comparative study to quantitatively evaluate the impact of different factors on the effectiveness of vulnerability detection. The experimental results show that accommodating control dependency can increase the overall effectiveness of vulnerability detection F1-measure by 20.3%; the imbalanced data processing methods are not effective for the dataset we create; bidirectional recurrent neural networks (RNNs) are more effective than unidirectional RNNs and convolutional neural network, which in turn are more effective than multi-layer perception; using the last output corresponding to the time step for the bidirectional long short-term memory (BLSTM) can reduce the false negative rate by 2.0% at the price of increasing the false positive rate by 0.5%.

show abstract

A static technique for detecting input validation vulnerabilities in Android apps

Cited by 16 publications

References 6 publications

VulDeeLocator: A Deep Learning-based Fine-grained Vulnerability Detector

VulDeeLocator: A Deep Learning-based Fine-grained Vulnerability Detector

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

A Comparative Study of Deep Learning-Based Vulnerability Detection System

Contact Info

Product

Resources

About