Towards a block-level ML-based Python vulnerability detection tool


Bibliographic details
Authors: Bagheri Amirreza
Hegedűs Péter
Document type: Article
Published: University of Szeged, Institute of Informatics, Szeged, 2024
Series: Acta Cybernetica 26 No. 3
Keywords: Program analysis, Cybersecurity, Data science, Software technology, Software security
doi: 10.14232/actacyb.299667

Online access: http://acta.bibl.u-szeged.hu/86977
Abstract: Computer software drives our everyday life, so its security is pivotal. Unfortunately, security flaws are common in software systems, and they can have a variety of serious repercussions, including data loss, disclosure of secret information, manipulation, or system failure. Although techniques for detecting vulnerable code exist, raising their accuracy and effectiveness to a practically applicable level remains a challenge. Many existing methods require a substantial amount of human expert labor to hand-craft the attributes that indicate vulnerabilities. In previous work, we showed that machine learning can address the problem automatically by learning features from a large collection of real-world code and predicting vulnerable code locations. Using a BERT-based code embedding, LSTM models with the best hyperparameters were able to identify seven different security flaws in Python source code with high precision (91% on average) and recall (83% on average). Building on these encouraging first empirical results, in this paper we go beyond them: we discuss the challenges of applying such models in practice and outline a method that addresses them. Our goal is to develop a hands-on tool that developers can use to pinpoint potentially vulnerable spots in their code.
Pages: 323-371
ISSN: 2676-993X
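The abstract reports per-flaw precision and recall averaged over seven vulnerability classes, predicted for code blocks. This page does not describe the paper's pipeline in detail, so the following is an added illustration written for this record, not code from the paper or its authors: it shows the data handling that surrounds any such block-level classifier, namely splitting a module into blocks, propagating line-level ground truth (as one would recover from a fix commit) to block labels, and scoring per-class precision and recall with a macro average, including the 0/0 case for a class the model never predicts. Function-level blocks, the sample module, the flagged lines and the predictions are all assumptions constructed here; the BERT embedding and LSTM model of the paper are not reproduced.

```python
import ast
from typing import Dict, List, Tuple

# Constructed sample module (not from the paper); its line numbers matter below.
SAMPLE_SOURCE = """\
import subprocess
import hashlib

def run(cmd):
    # shell=True on attacker-controlled input: command injection
    return subprocess.run(cmd, shell=True)

def digest(data):
    return hashlib.md5(data).hexdigest()

def safe_add(a, b):
    return a + b
"""

# Constructed line-level ground truth, e.g. recovered from a fix commit:
# {line_number: flaw_class}. Every other line counts as "clean".
FLAGGED_LINES: Dict[int, str] = {6: "command_injection", 9: "weak_hash"}


def extract_blocks(source: str) -> List[Tuple[str, int, int, str]]:
    """Split a module into function-level blocks (an assumed block granularity):
    returns (name, first_line, last_line, text) sorted by position."""
    tree = ast.parse(source)
    lines = source.splitlines()
    blocks = []
    for node in ast.walk(tree):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            start, end = node.lineno, node.end_lineno  # end_lineno needs Python 3.8+
            blocks.append((node.name, start, end, "\n".join(lines[start - 1:end])))
    return sorted(blocks, key=lambda b: b[1])


def label_blocks(blocks, flagged: Dict[int, str]) -> Dict[str, str]:
    """Propagate line-level labels to blocks: a block inherits the class of every
    flagged line it spans; a block with no flagged line is labelled "clean"."""
    labels = {}
    for name, start, end, _ in blocks:
        hits = sorted({cls for ln, cls in flagged.items() if start <= ln <= end})
        labels[name] = "+".join(hits) if hits else "clean"
    return labels


def precision_recall(y_true, y_pred, classes) -> Dict[str, Tuple[float, float]]:
    """Per-class precision and recall. An undefined ratio (0/0, e.g. a class the
    model never predicts) is scored as 0.0 rather than raising or being skipped."""
    out = {}
    for cls in classes:
        tp = sum(1 for t, p in zip(y_true, y_pred) if t == cls and p == cls)
        fp = sum(1 for t, p in zip(y_true, y_pred) if t != cls and p == cls)
        fn = sum(1 for t, p in zip(y_true, y_pred) if t == cls and p != cls)
        precision = tp / (tp + fp) if tp + fp else 0.0
        recall = tp / (tp + fn) if tp + fn else 0.0
        out[cls] = (precision, recall)
    return out


def macro_average(per_class: Dict[str, Tuple[float, float]]) -> Tuple[float, float]:
    """Unweighted mean over classes: the kind of single 'average precision / recall'
    figure a multi-class evaluation quotes. Rare classes weigh as much as common ones."""
    n = len(per_class)
    if n == 0:
        return 0.0, 0.0
    return (sum(p for p, _ in per_class.values()) / n,
            sum(r for _, r in per_class.values()) / n)


# Constructed block predictions from a hypothetical classifier (not the paper's
# model). "sql_injection" appears in the truth but is never predicted, so the
# zero-division branch is exercised.
Y_TRUE = ["command_injection", "weak_hash", "clean", "weak_hash",
          "clean", "command_injection", "sql_injection"]
Y_PRED = ["command_injection", "weak_hash", "clean", "clean",
          "weak_hash", "command_injection", "clean"]
FLAW_CLASSES = ["command_injection", "weak_hash", "sql_injection"]


if __name__ == "__main__":
    blocks = extract_blocks(SAMPLE_SOURCE)
    for name, label in label_blocks(blocks, FLAGGED_LINES).items():
        print(f"{name}: {label}")
    scores = precision_recall(Y_TRUE, Y_PRED, FLAW_CLASSES)
    print(scores)
    print("macro precision/recall:", macro_average(scores))
```

Two points worth noting for anyone building such a dataset: label propagation decides what "vulnerable block" means, and a coarse block (a whole function here) dilutes the signal of a single bad line, while a fine block can cut a flaw's context away; and a macro average over flaw classes, as opposed to a micro average over all blocks, is dominated by the rarest classes, which is why per-class numbers should be reported alongside the average.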