Research on Software Vulnerability Detection Methods Based on Deep Learning
DOI:
https://doi.org/10.54097/q1rgkx18Keywords:
Deep learning, Software vulnerability, Detection technologyAbstract
This paper aims to investigate software vulnerability detection methods based on deep learning to address the ever-growing challenges in software security. With the rapid development of information technology, software vulnerabilities have become the primary targets of cyberattacks, posing severe threats to economic, military, and social security. By analyzing the limitations of existing software vulnerability detection methods, this paper explores the potential applications of deep learning technology in this field. Through a literature review, relevant theories of software vulnerabilities are introduced, including the concept, types, and impacts of vulnerabilities. Subsequently, detailed descriptions of deep learning-based vulnerability detection methods are provided, encompassing Convolutional Neural Networks (CNNs), Recurrent Neural Networks (RNNs) and their variant LSTM, as well as the application of program slicing techniques in vulnerability detection. By evaluating and improving existing deep learning models, a novel deep learning-based vulnerability detection framework is proposed, with its workflow and technical principles elaborated. The proposed deep learning-based vulnerability detection method can effectively enhance the accuracy and efficiency of software vulnerability detection, reduce reliance on expert knowledge, and lower human resource costs. Experimental results demonstrate that this method performs exceptionally well on multiple datasets, indicating broad application prospects and significant research value. The deep learning-based software vulnerability detection method offers new insights and tools for addressing current software security challenges. In the future, with the continuous development and improvement of deep learning technology, this method will play an even more crucial role in the field of software vulnerability detection.
References
[1] Shen Z, Chen S. A Survey of Automatic Software Vulnerability Detection, Program Repair, and Defect Prediction Techniques[J]. Security and Communication Networks, 2020, 2020.
[2] Bistarelli S, Parroccini M, Santini F. Visualizing Bitcoin Flows of Ransomware: WannaCry One Week Later[C]//ITASEC. 2018.
[3] Dempsey K, Takamura E, Eavy P, et al. Automation Support for Security Control Assessments: Software Vulnerability Management[R]. National Institute of Standards and Technology, 2020: 93.
[4] Chakraborty S, Krishna R, Ding Y, et al. Deep learning based vulnerability detection: Are we there yet[J]. IEEE Transactions on Software Engineering, 2021.
[5] Papageorgiou C P, Oren M, Poggio T. A general framework for object detection[C]//Sixth International Conference on Computer Vision (IEEE Cat. No. 98CH36271). IEEE, 1998: 555-562.
[6] Zhang Weiguo. A Method for Software Vulnerability Detection Based on Code Semantic Vector Representation and Deep Learning [D]. Harbin Institute of Technology, 2020.
[7] Wang S, Liu T, Nam J, et al. Deep semantic feature learning for software defect prediction[J]. IEEE Transactions on Software Engineering, 2018, 46(12): 1267-1293.
[8] Li Z, Zou D, Xu S, et al. Vuldeepecker: A deep learning-based system for vulnerability detection[J]. arXiv preprint arXiv:1801.01681, 2018.
[9] Li Z, Zou D, Xu S, et al. Sysevr: A framework for using deep learning to detect software vulnerabilities[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 19(4): 2244-2258.
[10] Lin G, Zhang J, Luo W, et al. Software vulnerability discovery via learning multi-domain knowledge bases[J]. IEEE Transactions on Dependable and Secure Computing, 2019, 18(5): 2469-2485.
[11] Mao Y, Li Y, Sun J, et al. Explainable software vulnerability detection based on attention-based bidirectional recurrent neural networks[C]//2020 IEEE International Conference on Big Data (Big Data). IEEE, 2020: 4651-4656.
[12] Goodfellow I, Bengio Y, Courville A, et al. Deep Learning, vol. 1. Cam bridge: MTT press[J]. 2016.
[13] Schmidhuber J. Deep learning in neural networks:An overview[J].Neural networks,2015, 61: 85-117.
[14] Weiser M D. Program slices: formal, psychological, and practical investigations of an automatic program abstraction method[M]. University of Michigan, 1979.
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
How to Cite
