Proceedings Paper

AVDHRAM: Automated Vulnerability Detection based on Hierarchical Representation and Attention Mechanism

Publisher

IEEE COMPUTER SOC
DOI: 10.1109/ISPA-BDCloud-SocialCom-SustainCom51426.2020.00068

Keywords

vulnerability detection; program slicing; deep learning; HAN; visualization

Funding

  1. National Natural Science Foundation of China [61602469]
  2. Fundamental theory and cutting edge technology Research Program of Institute of Information Engineering, CAS [Y7Z0411105]

Vulnerability detection is imperative to protect software systems from cyber attacks. However, existing methods either rely on experts to directly define vulnerability patterns or define vulnerability features and then use machine learning methods to generate vulnerability patterns automatically. This is not only a laborious task but also misses many vulnerabilities and incurs a high false-positive rate. Besides, a large number of resources are required to audit the precise location of the vulnerability. To solve these problems, we propose AVDHRAM, a systematic Automated Vulnerability Detection framework based on Hierarchical Representation and Attention Mechanism. We use a deep learning network, Hierarchical Attention Network (HAN), to relieve human experts from the tedious task of manually defining features. The framework adds structural information in the process of source code representation using a finer granularity (slice), instead of function, file, or component. It can better represent vulnerabilities and learn more subtle vulnerability patterns to improve detection accuracy. Additionally, we use the attention mechanism to implement a convenient visualization tool, which can highlight the parts that have the most significant impact on the classification decision and speed up the process of vulnerability location analysis. Experimental results show that AVDHRAM outperforms the previous neural networks and other vulnerability detection methods in several metrics.
