VulDeePecker: A Deep Learning-Based System for Vulnerability Detection

Li, Zhen; Zou, Deqing; Xu, Shouhuai; Ou, Xinyu; Jin, Hai; Wang, Sujuan; Deng, Zhijun; Zhong, Yuyi

doi:10.14722/ndss.2018.23158

Cited by 583 publications

(544 citation statements)

References 43 publications

Supporting

Mentioning

498

Contrasting

Order By: Relevance

“…First, a conceptual innovation underlying µVulDeePecker is the introduction of the concept we call code attention, which can accommodate information useful for learning local features and helping pinpoint types of vulnerabilities. It refines the concept of code gadget [13] which is a number of statements that are semantically related to each other. Second, another innovation underlying µVulDeePecker is redefining arXiv:2001.02334v1 [cs.CR] 8 Jan 2020 the concept and extraction method of code gadget by introducing control-dependence.…”

Section: Our Contributionsmentioning

confidence: 99%

“…We name our multiclass vulnerability detection system, namely µVulDeePecker, after the system known as VulDeePecker [13], which is the first deep learning-based binary vulnerability detection system (i.e., only able to tell whether a piece of code is vulnerable or not, but not the type of a vulnerability in question). The reason we are so named is that our system is inspired by VulDeePecker; indeed, we refine the concept of code gadget introduced in [13], which only captures data dependence, by additionally accommodating control dependence, which leads to higher effectiveness in multiclass vulnerability detection. However, we stress that µVulDeePecker is not a simple incremental work over VulDeePecker [13].…”

Section: µVuldeepecker Vs Vuldeepeckermentioning

confidence: 99%

See 1 more Smart Citation

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

Zou

Wang

et al. 2019

IEEE Trans. Dependable and Secure Comput.

Self Cite

145

View full text Add to dashboard Cite

Fine-grained software vulnerability detection is an important and challenging problem. Ideally, a detection system (or detector) not only should be able to detect whether or not a program contains vulnerabilities, but also should be able to pinpoint the type of a vulnerability in question. Existing vulnerability detection methods based on deep learning can detect the presence of vulnerabilities (i.e., addressing the binary classification or detection problem), but cannot pinpoint types of vulnerabilities (i.e., incapable of addressing multiclass classification). In this paper, we propose the first deep learning-based system for multiclass vulnerability detection, dubbed µVulDeePecker. The key insight underlying µVulDeePecker is the concept of code attention, which can capture information that can help pinpoint types of vulnerabilities, even when the samples are small. For this purpose, we create a dataset from scratch and use it to evaluate the effectiveness of µVulDeePecker. Experimental results show that µVulDeePecker is effective for multiclass vulnerability detection and that accommodating control-dependence (other than data-dependence) can lead to higher detection capabilities.

show abstract

Section: Our Contributionsmentioning

confidence: 99%

Section: µVuldeepecker Vs Vuldeepeckermentioning

confidence: 99%

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

Zou

Wang

et al. 2019

IEEE Trans. Dependable and Secure Comput.

Self Cite

145

View full text Add to dashboard Cite

show abstract

“…The computational system is a server running CentOS Linux 7 with two Physical Intel(R) Xeon(R) E5‐2690 v3 2.60GHz CPUs and 96GB RAM. For code gadgets, we use the same parameter setting as Li et al…”

Section: Performance Experiments Of Deep Learnt Featuresmentioning

confidence: 99%

“…The first layer is an embedding layer which maps each element of the sequence to a dense vector of fixed dimensionality. In conducting a comparative study, we adopt the datasets published by Li et al 35 We download 2 additional datasets and obtain the code gadgets as feature presentations according to what is described in the paper, where CWE119 contains buffer errors and CWE399 contains management errors.…”

Section: Phase 2: Deep Feature Representation Learningmentioning

confidence: 99%

“…The computational system is a server running CentOS Linux 7 with two Physical Intel(R) Xeon(R) E5-2690 v3 2.60GHz CPUs and 96GB RAM. For code gadgets, we use the same parameter setting as Li et al 35 For the performane experiments, we employ six machine learning algorithms, which are C4.5 decision tree (J48), k-nearest neighbour(KNN), LDA, neural network(NN), random forest, and SVM. We use default setting in weka, and perform 10 runs of 10-fold cross-validation on each dataset.…”

Section: Experiments Setupmentioning

confidence: 99%

See 1 more Smart Citation

A performance evaluation of deep‐learnt features for software vulnerability detection

Ban

Liu

Chen

et al. 2018

Concurrency and Computation

View full text Add to dashboard Cite

Summary Software vulnerability is a critical issue in the realm of cyber security. In terms of techniques, machine learning (ML) has been successfully used in many real‐world problems such as software vulnerability detection, malware detection and function recognition, for high‐quality feature representation learning. In this paper, we propose a performance evaluation study on ML based solutions for software vulnerability detection, conducting three experiments: machine learning‐based techniques for software vulnerability detection based on the scenario of single type of vulnerability and multiple types of vulnerabilities per dataset; machine learning‐based techniques for cross‐project software vulnerability detection; and software vulnerability detection when facing the class imbalance problem with varying imbalance ratios. Experimental results show that it is possible to employ software vulnerability detection based on ML techniques. However, ML‐based techniques suffer poor performance on both cross‐project and class imbalance problem in software vulnerability detection.

show abstract

Multigranularity semantics based vulnerability search method for cross‐platform binary

Líu

Zhang

2021

Int J of Intelligent Sys

View full text Add to dashboard Cite

Semantic learning is a common method for binary vulnerability detection, which can analyze the assembly structure of the binary code. The existing methods such as control flow graphs and labeled semantic flow graphs perform single semantic analysis to determine whether a known vulnerability is hidden in the binary function. However, challenge arises when they perform vulnerability detection cross‐platforms. In this paper, we propose a multigranularity semantic‐based vulnerability search method to deal with the challenge of cross‐platform vulnerability detection, and implement its prototype Taurus. Given the binary function to be searched and vulnerability function, Taurus first extracts their inter‐basic‐block, inter‐function, and inter‐module semantic features respectively, and then calculates the similarity distance between them at three levels. Finally, three similarity scores are combined to rank in descending order to obtain the vulnerability detection report. The performance comparison indicates that Taurus outperforms the state‐of‐the‐art approaches in terms of accuracy.

show abstract

VulDeePecker: A Deep Learning-Based System for Vulnerability Detection

Cited by 583 publications

References 43 publications

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

A performance evaluation of deep‐learnt features for software vulnerability detection

Multigranularity semantics based vulnerability search method for cross‐platform binary

Contact Info

Product

Resources

About