Litcius/Paper detail

Vulnerability Detection via Multimodal Learning: Datasets and Analysis

Xin Zhou, Rakesh Verma

2022Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security18 citationsDOI

Abstract

A vulnerability is a weakness that can be exploited by an attacker, e.g., performing unauthorized actions within a computer system. For example, privilege escalation is a type of vulnerability in software, which can be used to gain elevated access to resources that are normally protected from an application or user. However, most applications contain vulnerabilities, some are fixed over time by patches, but many are discovered only after exploitation, which results in steep costs. Furthermore, program analysis tools are generally quite difficult to use. Security analysts still do manual investigation on software, i.e., using static analysis tools on machine code or source code to find bugs. Multimodal learning has been widely used in image processing, but is rarely seen in software security. We introduce a new dataset for multimodal deep learning, MVDSC-C (Multisource for Vulnerability Detection in Source Code - C/C++). Our preliminary results show that combined modalities perform better than single modalities.

Topics & Concepts

Computer scienceVulnerability (computing)Source codeModalitiesSoftwareSoftware security assuranceMachine learningCode (set theory)Secure codingArtificial intelligenceVulnerability managementDeep learningVulnerability assessmentComputer securityInformation securityOperating systemProgramming languageSet (abstract data type)PsychologyPsychotherapistSociologySecurity servicePsychological resilienceSocial scienceSoftware Engineering ResearchAdvanced Malware Detection TechniquesSoftware Testing and Debugging Techniques