Abstract
Vulnerability detection is imperative to protect software systems from cyber attacks. However, existing methods either rely on experts to directly define vulnerability patterns or define vulnerability features and then use machine learning methods to generate vulnerability patterns automatically. It is not only a laborious task but will miss many vulnerabilities and incur a high false-positive rate. Besides, a large number of resources are required to audit the precise location of the vulnerability. To solve the problems, we propose AVDHRAM, a systematic Automated Vulnerability Detection framework based on Hierarchical Representation and Attention Mechanism. We use a deep learning network, Hierarchical Attention Network(HAN), to relieve human experts from the tedious task of manually defining features. The framework adds structural information in the process of source code representation using a finer granularity(slice), instead of function, file, or component. It can better represent vulnerabilities and learn more subtle vulnerability patterns to improve detection accuracy. Additionally, we use the attention mechanism to implement a convenient visualization tool, which can highlight the parts that have the most significant impact on the classification decision and speed up the process of vulnerability location analysis. Experimental results show that AVDHRAM outperforms the previous neural networks and other vulnerability detection methods in several metrics.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.