source-code-vulnerability-detection-project


Project maintained by DanielJRamirez

Source Code Vulnerability Detection

Abstract

To better understand and compare the techniques being developed to detect vulnerabilities in source code, eight papers were selected for research and five were implemented. Each paper presents a different method and operates on different datasets and languages; however, a selection of common metrics allows for adequate comparison of their efficacy. This comparison helps showcase the most successful individual strategies and overall implementations that can be applied to detect flaws in software.

Methods Researched

  1. On using distributed representations of source code for the detection of C security vulnerabilities
  2. Detecting Vulnerability in Source Code Using CNN and LSTM Network
  3. Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks
  4. Automated Vulnerability Detection in Source Code Using Deep Representation Learning
  5. How to Detect Software Vulnerabilities in Source Code Using Machine Learning
  6. An Automatic Source Code Vulnerability Detection Approach Based on KELM
  7. SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities
  8. VUDENC: Vulnerability Detection with Deep Learning on a Natural Codebase for Python

Methods Implemented

  1. On using distributed representations of source code for the detection of C security vulnerabilities (repo) (our implementation)
  2. Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks (repo) (our implementation)
  3. Automated Vulnerability Detection in Source Code Using Deep Representation Learning (repo) (our implementation)
  4. How to Detect Software Vulnerabilities in Source Code Using Machine Learning (repo) (our implementation)
  5. VUDENC: Vulnerability Detection with Deep Learning on a Natural Codebase for Python (repo) (our implementation)

Results

Figure 1. Accuracies across Methods

Figure 2. Precision and F1 Scores across Methods

Presentation Video