Software Vulnerability Detection Using Deep Neural Networks: A Survey

The constantly increasing number of disclosed security vulnerabilities have become an important concern in the software industry and in the field of cybersecurity, suggesting that the current approaches for vulnerability detection demand further improvement. The booming of the open-source software c...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Proceedings of the IEEE Ročník 108; číslo 10; s. 1825 - 1848
Hlavní autoři: Lin, Guanjun, Wen, Sheng, Han, Qing-Long, Zhang, Jun, Xiang, Yang
Médium: Journal Article
Jazyk:angličtina
Vydáno: New York IEEE 01.10.2020
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Témata:
Artificial neural networks
Computer bugs
Computer security
Cybersecurity
Data mining
Deep learning
deep neural network (DNN)
Feature extraction
Literature reviews
Machine learning
machine learning (ML)
Machine translation
Neural networks
Open source software
representation learning
Semantics
Software engineering
Software reliability
software vulnerability
Source code
Speech recognition
ISSN:0018-9219, 1558-2256
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:The constantly increasing number of disclosed security vulnerabilities have become an important concern in the software industry and in the field of cybersecurity, suggesting that the current approaches for vulnerability detection demand further improvement. The booming of the open-source software community has made vast amounts of software code available, which allows machine learning and data mining techniques to exploit abundant patterns within software code. Particularly, the recent breakthrough application of deep learning to speech recognition and machine translation has demonstrated the great potential of neural models' capability of understanding natural languages. This has motivated researchers in the software engineering and cybersecurity communities to apply deep learning for learning and understanding vulnerable code patterns and semantics indicative of the characteristics of vulnerable code. In this survey, we review the current literature adopting deep-learning-/neural-network-based approaches for detecting software vulnerabilities, aiming at investigating how the state-of-the-art research leverages neural techniques for learning and understanding code semantics to facilitate vulnerability discovery. We also identify the challenges in this new field and share our views of potential research directions.
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0018-9219
1558-2256
DOI:10.1109/JPROC.2020.2993293