Evaluation of Software Vulnerability Detection Methods and Tools: A Review

Amankwah, Richard; Kudjo, Patrick Kwaku; Antwi, Samuel Yeboah

doi:10.5120/ijca2017914750

Cited by 17 publications

(7 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…e detection of specific vulnerabilities requires several corresponding methods. For example, the detection of vulnerabilities that are easily triggered by overflow of values, divisors of 0, etc., needs to be identified and analyzed [10][11][12].…”

Section: Ultrasonic Data Acquisition and Signal Processing Algorithmsmentioning

confidence: 99%

Detection and Analysis of Man-Machine Interactive Software Vulnerabilities Based on Ultrasonic Data Acquisition and Signal Processing Algorithms

Lei

2021

Advances in Multimedia

View full text Add to dashboard Cite

With the gradual increase in the informatization, there is much software in various industries, such as data management, business execution, public orientation, and company OA, which greatly facilitates the development of various tasks, but it also brings many hidden dangers. There exist certain vulnerabilities in some software, which have become backdoors to be attacked. In view of these needs and potential hazards, the ultrasonic data acquisition and signal processing algorithms are introduced in this paper, analyzing and grasping the possibility of potentially dangerous paths by combining the instruction addresses and locations of software vulnerabilities, and avoid the existence of these software vulnerabilities through corresponding constraint instructions. The simulation experiment results prove that the ultrasonic data acquisition and signal processing algorithms are effective and can support the detection and analysis of man-machine interactive software vulnerabilities.

show abstract

Section: Ultrasonic Data Acquisition and Signal Processing Algorithmsmentioning

confidence: 99%

Detection and Analysis of Man-Machine Interactive Software Vulnerabilities Based on Ultrasonic Data Acquisition and Signal Processing Algorithms

Lei

2021

Advances in Multimedia

View full text Add to dashboard Cite

show abstract

“…Therefore, these analyzers cannot guarantee complete test coverage of the codebase. As the complexity of software increases, these methods are limited by high false positive rates and low true performance [22], often generating a large number of false positives and not being able to understand the semantics of the code well. In addition, the identification of unbalanced real-world vulnerability data cannot fully exert its advantages due to the small amount of data.…”

Section: Related Workmentioning

confidence: 99%

Elevating Security Analysis: The MTLPT Framework for Enhanced Vulnerability Prediction

HUI,

LIU,

CHEN

et al. 2024

Preprint

View full text Add to dashboard Cite

In the current field of vulnerability prediction, accurate forecasting and identification of potential vulnerabilities in software are crucial, especially when dealing with real-world vulnerability data. The challenges posed by data imbalance and complex dependency relationships often make prediction tasks exceptionally difficult. Traditional single-task learning methods and ensemble learning methods typically perform poorly when handling highly imbalanced datasets. These methods often overlook minority categories, which frequently contain the most critical vulnerabilities, and fail to fully learn vulnerability features. To address these issues, we propose a novel multi-task learning model called MTLPT, aimed at enhancing the accuracy and efficiency of vulnerability prediction through a multi-task learning framework. The MTLPT model combines custom lightweight Transformer blocks and position encoding layers to effectively capture long-range dependencies and complex contextual information from source code. With this structural design, MTLPT can simultaneously handle various vulnerability prediction tasks, thereby learning the latent relationships between different vulnerability types and improving the model’s sensitivity to rare but severe vulnerabilities. Additionally, the MTLPT model introduces a loss function based on dynamic weights, which dynamically adjusts loss weights based on the prediction difficulty of different tasks, effectively mitigating the challenges posed by imbalanced data. We conducted comparative experiments on a subset of highly imbalanced real-world vulnerability dataset. The experimental results demonstrate that, compared to existing single-task learning and ensemble learning methods, MTLPT exhibits significant advantages across multiple key performance metrics, particularly in identifying minority class vulnerabilities with higher sensitivity and accuracy. This performance enhancement validates the effectiveness of our proposed multi-task learning framework in handling complex and imbalanced vulnerability data, highlighting the importance of the MTLPT framework, custom lightweight Transformer blocks, position encoding layers, and the dynamic weight loss function in practical applications. Furthermore, we conducted a series of ablation experiments to thoroughly evaluate the contributions of individual components within the MTLPT model, confirming the role of custom lightweight Transformer blocks and position encoding layers in enhancing the model’s ability to learn complex code structures and behavioral patterns, while also demonstrating the critical role of the dynamic weight loss function in optimizing the training process of the multi-task learning model.

show abstract

“…In conventional methods of detecting computer network security vulnerabilities, inspectors typically must interact with computer terminals and rely on various vulnerability detection tools. However, these tools often exhibit significant limitations in practical use, including issues related to accuracy, speed, and the associated high costs of vulnerability detection [2].…”

Section: Literature Reviewmentioning

confidence: 99%

Network Security with Virtual Reality based Antivirus Protection and Reduced Detection Delays

Song,

Cheng,

Zhang

2024

SCPE

View full text Add to dashboard Cite

Addressing the persistent delay problem in traditional network security antivirus protection systems, this paper introduces an innovative approach utilizing virtual reality (VR) technology. The primary objective is to significantly reduce detection delays and enhance the efficiency of network security measures. An enhanced decision-making algorithm is proposed to identify relevant features associated with network security. These features are then weighted and optimized to improve the overall detection process. An injection list is generated through web crawling techniques to strengthen security measures. A virtual protection block is also developed to serve as a barrier against potential threats. The proposed method claims a detection delay of only 75.33 milliseconds, significantly outperforming two traditional methods that recorded 290.11 milliseconds and 337.30 milliseconds, respectively. This substantial decrease in detection delay emphasizes the effectiveness of automatic detection within the context of VR technology. Practical implementation and empirical evidence further validate the success of this approach. The automatic detection of network security vulnerabilities within the VR technology framework is efficient and exhibits considerable progress. As such, this research offers a promising solution to the delay problem in network security antivirus protection. Embracing VR technology achieves shorter detection delays, ultimately improving the security posture of network systems.

show abstract

Evaluation of Software Vulnerability Detection Methods and Tools: A Review

Cited by 17 publications

References 13 publications

Detection and Analysis of Man-Machine Interactive Software Vulnerabilities Based on Ultrasonic Data Acquisition and Signal Processing Algorithms

Detection and Analysis of Man-Machine Interactive Software Vulnerabilities Based on Ultrasonic Data Acquisition and Signal Processing Algorithms

Elevating Security Analysis: The MTLPT Framework for Enhanced Vulnerability Prediction

Network Security with Virtual Reality based Antivirus Protection and Reduced Detection Delays

Contact Info

Product

Resources

About