Automated Software Vulnerability Detection via Curriculum Learning

被引：0

作者：

Du, Qianjin ^{[1
]}

Kun, Wei ^{[2
]}

Kuang, Xiaohui ^{[2
]}

Li, Xiang ^{[2
]}

Zhao, Gang ^{[2
]}

机构：

[1] Tsinghua Univ, Dept Comp Sci & Technol, Beijing, Peoples R China

[2] Natl Key Lab Sci & Technol Informat Syst Secur, Beijing, Peoples R China

来源：

2023 IEEE INTERNATIONAL CONFERENCE ON MULTIMEDIA AND EXPO, ICME | 2023年

关键词：

Software Vulnerability; Curriculum Learning; Deep Learning;

D O I：

10.1109/ICME55011.2023.00485

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

With the development of deep learning, software vulnerability detection methods based on deep learning have achieved great success, which outperform traditional methods in efficiency and precision. At the training stage, all training samples are treated equally and presented in random order. However, in software vulnerability detection tasks, the detection difficulties of different samples vary greatly. Similar to the human learning mechanism following an easy-to-difficult curriculum learning procedure, vulnerability detection models can also benefit from the easy-to-hard curriculums. Motivated by this observation, we introduce curriculum learning for automated software vulnerability detection, which is capable of arranging easy-to-difficult training samples to learn better detection models without any human intervention. Experimental results show that our method achieves obvious performance improvements compared to baseline models.

引用

页码：2855 / 2860

页数：6

共 50 条

[41] Few-VulD: A Few-shot learning framework for software vulnerability detection☆ ☆
Zheng, Tianming
Liu, Haojun
Xu, Hang
Chen, Xiang
Yi, Ping
Wu, Yue
COMPUTERS & SECURITY, 2024, 144
[42] Open Science in Software Engineering: A Study on Deep Learning-Based Vulnerability Detection
Nong, Yu
Sharma, Rainy
Hamou-Lhadj, Abdelwahab
Luo, Xiapu
Cai, Haipeng
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2023, 49 (04) : 1983 - 2005
[43] Learning Program Semantics for Vulnerability Detection via Vulnerability-Specific Inter-procedural Slicing
Wu, Bozhi
Liu, Shangqing
Xiao, Yang
Li, Zhiming
Sun, Jun
Lin, Shang-Wei
PROCEEDINGS OF THE 31ST ACM JOINT MEETING EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING, ESEC/FSE 2023, 2023, : 1371 - 1383
[44] ARTDET: Machine learning software for automated detection of art deterioration in easel paintings
Garcia-Moreno, Francisco M.
Alcaraz, Jesus Cortes
de la Fuente, Jose Manuel del Castillo
Rodriguez-Simon, Luis Rodrigo
Hurtado-Torres, Maria Visitacion
SOFTWAREX, 2024, 28
[45] Vulnerability Detection with Deep Learning
Wu, Fang
Wang, Jigang
Liu, Jiqiang
Wang, Wei
PROCEEDINGS OF 2017 3RD IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATIONS (ICCC), 2017, : 1298 - 1302
[46] Learning to Predict Severity of Software Vulnerability Using Only Vulnerability Description
Han, Zhuobing
Li, Xiaohong
Xing, Zhenchang
Liu, Hongtao
Feng, Zhiyong
2017 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION (ICSME), 2017, : 125 - 136
[47] NAUTILUS: Automated RESTful API Vulnerability Detection
Deng, Gelei
Zhang, Zhiyi
Li, Yuekang
Liu, Yi
Zhang, Tianwei
Liu, Yang
Yu, Guo
Wang, Dongjin
PROCEEDINGS OF THE 32ND USENIX SECURITY SYMPOSIUM, 2023, : 5593 - 5609
[48] Vulnerability Detection for software-intensive system
Othman, Refat
PROCEEDINGS OF 2024 28TH INTERNATION CONFERENCE ON EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING, EASE 2024, 2024, : 510 - 515
[49] Research on Software Security Vulnerability Detection Technology
Liu Ping
Su Jin
Yang Xinfeng
2011 INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND NETWORK TECHNOLOGY (ICCSNT), VOLS 1-4, 2012, : 1873 - 1876
[50] An advanced computing approach for software vulnerability detection
Do Xuan C.
Cong B.V.
Multimedia Tools and Applications, 2024, 83 (39) : 86707 - 86740

← 1 2 3 4 5 →