Abstract

Vulnerability detection is imperative to protect software systems from cyber attacks. However, existing methods either rely on experts to define vulnerability patterns directly, or define vulnerability features and then use machine learning methods to generate vulnerability patterns automatically. This is not only laborious but also misses many vulnerabilities and incurs a high false-positive rate. Besides, a large amount of resources is required to audit the precise location of a vulnerability. To solve these problems, we propose AVDHRAM, a systematic Automated Vulnerability Detection framework based on Hierarchical Representation and Attention Mechanism. We use a deep learning network, the Hierarchical Attention Network (HAN), to relieve human experts from the tedious task of manually defining features. The framework adds structural information in the process of source code representation using a finer granularity (slice) instead of function, file, or component. It can better represent vulnerabilities and learn more subtle vulnerability patterns to improve detection accuracy. Additionally, we use the attention mechanism to implement a convenient visualization tool, which highlights the parts that have the most significant impact on the classification decision and speeds up the process of vulnerability location analysis. Experimental results show that AVDHRAM outperforms the previous neural networks and other vulnerability detection methods in several metrics.
