14th International Conference on Computational Intelligence in Security for Information Systems and 12th International Conference on European Transnational Educational (CISIS 2021 and ICEUTE 2021) by Unknown

Author:Unknown
Language: eng
Format: epub
ISBN: 9783030878726
Publisher: Springer International Publishing

2.2 Vulnerable Code Pattern Recognition

Vulnerable code pattern recognition methods use ML techniques to automatically identify patterns of vulnerable code segments, analysing and mining features from the source code. In order to reduce manual effort, different approaches have been proposed to statistically detect these vulnerable code patterns.

Yamaguchi et al. [11] proposed a method to assist a security analyst during source code audit. The method extracts an Abstract Syntax Tree (AST) from the source code and determines its structural patterns, which allows to break down a known vulnerability and suggests code with similar properties. Nevertheless, AST is not suitable for advanced analysis. For this reason in [12], authors introduced a new graph representation named Code Property Graph. Using this representation, in [13] they presented a method for automatically inferring search patterns for taint-style vulnerabilities from the source code, combining unsupervised ML (i.e., clustering) and static program analysis. However, the approach still required a considerable amount of manual auditing and analysis work.

Input validation and sanitization are also essential secure coding techniques used to protect programs from common vulnerabilities. Shar and Tan [14] proposed a set of input sanitization code attributes that can be statically collected. However, their predictive capability is limited as it depends on the classification of the input validation and sanitization code patterns. To address these limitations, Shar et al. [15] proposed a hybrid analysis combining static and dynamic analysis, and using a semi-unsupervised approach, unexplored in this domain till the date, along the supervised approach to predict vulnerabilities.

The aforementioned works, with the exception of [15], are based on static analysis techniques focused on source code analysis. Grieco et al. [16] presented the first large scale study on vulnerability discovery for binary code, applying a scalable ML approach to predict if a binary program was likely to contain an easily exploitable memory corruption vulnerability. They also developed VDiscover, a tool to predict vulnerabilities in test cases. This study increased the possibility to find vulnerabilities at operating system scale.

In the last years, deep learning-based (DL) techniques have had a big success in many domains, including software vulnerability detection. The first systematic framework for using DL to detect vulnerabilities was presented by Zhen Li et al. [17]. The framework, called SySeVR, extracted program representations that can accommodate syntax and semantic information relevant for the vulnerabilities such as function call and pointer usage. Zhen Li et al. [18] also propose the use of DL to detect vulnerabilities at the slice level. In this approach, authors vectorized multiple semantically related lines of code as an input to the model. To this end, they implemented VulDeePecker, a DL-based vulnerability detection system.

Although vulnerable code pattern recognition is a promising approach, the studies presented do not identify the type of the vulnerability and, while it is possible to detect the location of the vulnerability within the source code, it is still not fine-grained.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.