Proceedings 2018 Network and Distributed System Security Symposium 2018
DOI: 10.14722/ndss.2018.23158

VulDeePecker: A Deep Learning-Based System for Vulnerability Detection

Abstract: The automatic detection of software vulnerabilities is an important research problem. However, existing solutions to this problem rely on human experts to define features and often miss many vulnerabilities (i.e., incurring high false negative rate). In this paper, we initiate the study of using deep learning-based vulnerability detection to relieve human experts from the tedious and subjective task of manually defining features. Since deep learning is motivated to deal with problems that are very dif…

Cited by 620 publications (544 citation statements)
References 43 publications
“…First, a conceptual innovation underlying µVulDeePecker is the introduction of the concept we call code attention, which can accommodate information useful for learning local features and helping pinpoint types of vulnerabilities. It refines the concept of code gadget [13] which is a number of statements that are semantically related to each other. Second, another innovation underlying µVulDeePecker is redefining the concept and extraction method of code gadget by introducing control-dependence.…”
Section: Our Contributions
Citation type: mentioning
confidence: 99%
“…We name our multiclass vulnerability detection system, namely µVulDeePecker, after the system known as VulDeePecker [13], which is the first deep learning-based binary vulnerability detection system (i.e., only able to tell whether a piece of code is vulnerable or not, but not the type of a vulnerability in question). The reason we are so named is that our system is inspired by VulDeePecker; indeed, we refine the concept of code gadget introduced in [13], which only captures data dependence, by additionally accommodating control dependence, which leads to higher effectiveness in multiclass vulnerability detection. However, we stress that µVulDeePecker is not a simple incremental work over VulDeePecker [13].…”
Section: µVulDeePecker vs. VulDeePecker
Citation type: mentioning
confidence: 99%
“…The computational system is a server running CentOS Linux 7 with two Physical Intel(R) Xeon(R) E5‐2690 v3 2.60GHz CPUs and 96GB RAM. For code gadgets, we use the same parameter setting as Li et al…”
Section: Performance Experiments Of Deep Learnt Features
Citation type: mentioning
confidence: 99%
“…The first layer is an embedding layer which maps each element of the sequence to a dense vector of fixed dimensionality. In conducting a comparative study, we adopt the datasets published by Li et al.³⁵ We download 2 additional datasets and obtain the code gadgets as feature presentations according to what is described in the paper, where CWE119 contains buffer errors and CWE399 contains management errors.…”
Section: Phase 2: Deep Feature Representation Learning
Citation type: mentioning
confidence: 99%