Litcius/Paper detail

VulCNN

Yueming Wu, Deqing Zou, Shihan Dou, Wei Yang, Duo Xu, Hai Jin

2022Proceedings of the 44th International Conference on Software Engineering144 citationsDOI

Abstract

Since deep learning (DL) can automatically learn features from source code, it has been widely used to detect source code vulnerability. To achieve scalable vulnerability scanning, some prior studies intend to process the source code directly by treating them as text. To achieve accurate vulnerability detection, other approaches consider distilling the program semantics into graph representations and using them to detect vulnerability. In practice, text-based techniques are scalable but not accurate due to the lack of program semantics. Graph-based methods are accurate but not scalable since graph analysis is typically time-consuming.

Topics & Concepts

Computer scienceScalabilitySource codeSemantics (computer science)Vulnerability (computing)GraphCode (set theory)Programming languageTheoretical computer scienceDatabaseComputer securitySet (abstract data type)Software Engineering ResearchAdvanced Malware Detection TechniquesSoftware Testing and Debugging Techniques