VDSimilar: Vulnerability detection based on code similarity of vulnerabilities and patches

Vulnerability detection using machine learning is a hot topic in improving software security. However, existing works formulate detection as a classification problem, which requires a large set of labelled data while capturing semantical and syntactic similarity. In this work, we argue that similari...

Full description

Saved in:
Bibliographic Details
Published in:Computers & security 2021-11, Vol.110, p.102417, Article 102417
Main Authors: Sun, Hao, Cui, Lei, Li, Lun, Ding, Zhenquan, Hao, Zhiyu, Cui, Jiancong, Liu, Peng
Format: Article
Language:English
Subjects:
Artificial neural networks
Attention
BiLSTM
Code similarity
Cybersecurity
Datasets
Deep learning
Machine learning
Patches (structures)
Security
Siamese network
Similarity
Source code
Vulnerability
Vulnerability detection
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Vulnerability detection using machine learning is a hot topic in improving software security. However, existing works formulate detection as a classification problem, which requires a large set of labelled data while capturing semantical and syntactic similarity. In this work, we argue that similarity in the view of vulnerability is the key in detecting vulnerabilities. We prepare a relatively smaller data set composed of both vulnerabilities and associated patches, and attempt to realize security similarity from (i) the similarity between pair of vulnerabilities and (ii) the difference between a pair of vulnerability and patch. To achieve this, we setup the detection model using the Siamese network cooperated with BiLSTM and Attention to deal with source code, Attention network to improve the detection accuracy. On a data set of 876 vulnerabilities and patches of OpenSSL and Linux, the proposed model (VDSimilar) achieves about 97.17% in AUC value of OpenSSL (where the Attention network contributes 1.21% than BiLSTM in Siamese), which is more outstanding than the most advanced methods based on deep learning.
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2021.102417