CR, LG | May 20, 2024

Vulnerability Detection in C/C++ Code with Deep Learning

arXiv:2405.12384v3 | h-index: 2
Originality: Incremental advance
AI Analysis

This work addresses software security for developers by improving vulnerability detection, but it is incremental as it builds on existing deep learning methods with specific optimizations.

The paper tackles the problem of detecting software vulnerabilities in C/C++ code by training neural networks on program slices that capture syntax and semantic characteristics, achieving a best accuracy of 92.49% with a BGRU model and ADAM optimizer.

Deep learning has been shown to be a promising tool in detecting software vulnerabilities. In this work, we train neural networks with program slices extracted from the source code of C/C++ programs to detect software vulnerabilities. The program slices capture the syntax and semantic characteristics of vulnerability-related program constructs, including API function call, array usage, pointer usage, and arithmetic expression. To achieve a strong prediction model for both vulnerable code and non-vulnerable code, we compare different types of training data, different optimizers, and different types of neural networks. Our result shows that combining different types of characteristics of source code and using a balanced number of vulnerable program slices and non-vulnerable program slices produce a balanced accuracy in predicting both vulnerable code and non-vulnerable code. Among different neural networks, BGRU with the ADAM optimizer performs the best in detecting software vulnerabilities with an accuracy of 92.49%.
