Enabling Automatic Repair of Source Code Vulnerabilities Using Data-Driven Methods

被引:0
|
作者
Grishina, Anastasiia [1 ]
机构
[1] Simula Res Lab, Oslo, Norway
来源
2022 ACM/IEEE 44TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS (ICSE-COMPANION 2022) | 2022年
关键词
Automatic Program Repair; Static Analysis; Software Security; Natural Language Processing; Graph-based Machine Learning; ML4Code;
D O I
10.1145/3510454.3517063
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Users around the world rely on software-intensive systems in their day-to-day activities. These systems regularly contain bugs and security vulnerabilities. To facilitate bug fixing, data-driven models of automatic program repair use pairs of buggy and fixed code to learn transformations that fix errors in code. However, automatic repair of security vulnerabilities remains under-explored. In this work, we propose ways to improve code representations for vulnerability repair from three perspectives: input data type, data-driven models, and downstream tasks. The expected results of this work are improved code representations for automatic program repair and, specifically, fixing security vulnerabilities.
引用
收藏
页码:275 / 277
页数:3
相关论文
共 50 条
  • [1] A Comparison of Data-Driven Automatic Syllabification Methods
    Adsett, Connie R.
    Marchand, Yannick
    STRING PROCESSING AND INFORMATION RETRIEVAL, PROCEEDINGS, 2009, 5721 : 174 - 181
  • [2] A Consumer Analytics Framework for enabling Data-Driven Marketing Intervention Methods
    Camilleri, Edwin
    Miah, Shah J.
    2017 4TH ASIA-PACIFIC WORLD CONGRESS ON COMPUTER SCIENCE AND ENGINEERING (APWCONCSE 2017), 2017, : 8 - 12
  • [3] Enabling Data Legitimacy in Data-Driven Projects
    Batista, Andre F. M.
    da Silva, Daniel L.
    Correa, Pedro L. P.
    2017 INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN COMPUTER, ELECTRICAL, ELECTRONICS AND COMMUNICATION (CTCEEC), 2017, : 50 - 54
  • [4] DVL Calibration using Data-driven Methods
    Yampolsky, Zeev
    Klein, Itzik
    OCEANS 2024 - SINGAPORE, 2024,
  • [5] Automatic Data-Driven Software Change Identification via Code Representation Learning
    Hericko, Tjasa
    27TH INTERNATIONAL CONFERENCE ON EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING, EASE 2023, 2023, : 319 - 323
  • [6] Source code vulnerabilities detection using loosely coupled data and control flows
    Zaharia, Sergiu
    Rebedea, Traian
    Trausan-Matu, Stefan
    2019 21ST INTERNATIONAL SYMPOSIUM ON SYMBOLIC AND NUMERIC ALGORITHMS FOR SCIENTIFIC COMPUTING (SYNASC 2019), 2020, : 43 - 46
  • [7] <sc>PragFormer</sc>: Data-Driven Parallel Source Code Classification with Transformers
    Harel, Re'em
    Kadosh, Tal
    Hasabnis, Niranjan
    Mattson, Timothy
    Pinter, Yuval
    Oren, Gal
    INTERNATIONAL JOURNAL OF PARALLEL PROGRAMMING, 2025, 53 (01)
  • [8] Data-Driven Automatic Cropping Using Semantic Composition Search
    Samii, A.
    Mech, R.
    Lin, Z.
    COMPUTER GRAPHICS FORUM, 2015, 34 (01) : 141 - 151
  • [9] Automatic Classification of Data-Driven Respiratory Waveforms Using AI
    Walker, M. D.
    Su, K.
    Wollenweber, S. D.
    Johnsen, R.
    McGowan, D. R.
    EUROPEAN JOURNAL OF NUCLEAR MEDICINE AND MOLECULAR IMAGING, 2020, 47 (SUPPL 1) : S485 - S485
  • [10] Contraction scour estimation using data-driven methods
    Minh Duc Bui
    Kaveh, Keivan
    Penz, Petr
    Rutschmann, Peter
    JOURNAL OF APPLIED WATER ENGINEERING AND RESEARCH, 2015, 3 (02): : 143 - 156
12345