0%

源代码漏洞挖掘方向论文集合-论文整合

Posted on 2022-05-18 Edited on 2022-05-20 In 论文整合 Valine:

摘要

基于机器学习的源代码漏洞挖掘方向研究如火如荼，发表了大量的论文，这里从三个方向对漏洞挖掘论文进行了一个整理，如果有补充的请备注评论区，稍后会整合进去谢谢。

基于代码相似性的漏洞挖掘

(2016-ACSAC) VulPecker: An Automated Vulnerability Detection System Based on Code Similarity Analysis
(2017-ICMLA) VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery
(2017-CCS) Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection
(2020-ASE) SCDetector: Software Functional Clone Detection Based on Semantic Tokens Analysis
(2020-SPE) SQVDT: A Scalable Quantitative Vulnerability Detection Technique for Source Code Security Assessment
(2020-USENIX)MVP：Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures
(2020-TIFS) VulDetector: Detecting Vulnerabilities Using Weighted Feature Graph Comparison
(2020-EuroS&P)VGRAPH: A Robust Vulnerable Code Clone Detection System Using Code Property Triplets
(2020-ESORICS)Restructured Cloning Vulnerability Detection Based on Function Semantic Reserving and Reiteration Screening
(2021-C&S) VDSimilar: Vulnerability detection based on code similarity of vulnerabilities and patches
(2022-WWW)HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs
(2022-ISSTA)Hunting Bugs with Accelerated Optimal Graph Vertex Matching. International Symposium on Software Testing and Analysis

基于深度学习的漏洞挖掘

(2016-ICSE) Automatically Learning Semantic Features for Defect Prediction
(2018-ICMLA) Automated Vulnerability Detection in Source Code Using Deep Representation Learning
(2018) A deep tree-based model for software defect prediction
(2018-NDSS) Vuldeepecker: A deep learning-based system for vulnerability detection
(2019-TDSC) µVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection
(2019-IJCAI) VulSniper: Focus Your Attention to Shoot Fine-Grained Vulnerabilities
(2019-ICSE) A Novel Neural Source Code Representation ased on Abstract Syntax Tree
(2020-TSE) Deep Learning based Vulnerability Detection: Are We There Yet?
(2020-INFOCOM) Efficient Vulnerability Detection based on abstract syntax tree and Deep Learning
(2020-TrustCom)FTCLNet: Convolutional LSTM with Fourier Transform for Vulnerability Detection
(2021-TDSC) VulDeeLocator: A Deep Learning-based Fine-grained Vulnerability Detector
(2021-TDSC) SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities
(2021-TOSEM) Interpreting Deep Learning-based Vulnerability Detector Predictions Based on Heuristic Searching
(2021-TSE) Automatic Feature Learning for Predicting Vulnerable Software Components

基于图神经网络的漏洞挖掘

漏洞修复

(2018-APSEC) LSRepair: Live Search of Fix Ingredients for Automated Program Repair
(2020-ICSE) DLFix: context-based code transformation learning for automated program repair
(2020-PACMPL) SpongeBugs: Automatically generating fix suggestions in response to static code analysis warnings
(2020-ICLR) Hoppity: learning graph transformations to detect and fix bugs in programs
(2022-TSE) SeqTrans: Automatic Vulnerability Fix via Sequence to Sequence Learning

综述论文

(2019-网络与信息安全学报) 面向源代码的软件漏洞静态检测综述
(2020-Proc.) Software Vulnerability Detection Using Deep Neural Networks: A Survey
(2021-计算机研究与发展) 基于深度学习的软件安全漏洞挖掘