Enabling Automatic Repair of Source Code Vulnerabilities Using Data-Driven Methods
This work addresses security vulnerabilities in software systems, which is a critical issue for users and developers, but it appears incremental as it builds on existing data-driven repair methods.
The paper tackles automatic repair of security vulnerabilities in source code, using data-driven methods to improve code representations for vulnerability repair.
Users around the world rely on software-intensive systems in their day-to-day activities. These systems regularly contain bugs and security vulnerabilities. To facilitate bug fixing, data-driven models of automatic program repair use pairs of buggy and fixed code to learn transformations that fix errors in code. However, automatic repair of security vulnerabilities remains under-explored. In this work, we propose ways to improve code representations for vulnerability repair from three perspectives: input data type, data-driven models, and downstream tasks. The expected results of this work are improved code representations for automatic program repair and, specifically, fixing security vulnerabilities.