A Review of Data Representation Methods for Vulnerability Mining Using Deep Learning

Ying Li, Mianxue Gu, Hongyu Sun, Yuhao Lin, Qiuling Yue, Zhen Guo, Jinglu Hu, He Wang, Yuqing Zhang*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The rapid development of software has brought unprecedented severe challenges to software security vulnerabilities. Traditional vulnerability mining methods are difficult to apply to large-scale software systems due to drawbacks such as manual inspection, low efficiency, high false positives and high false negatives. Recent research works have attempted to apply deep learning models to vulnerability mining, and have made a good progress in vulnerability mining filed. In this paper, we analyze the deep learning model framework applied to vulnerability mining and summarize its overall workflow and technology. Then, we give a detailed analysis on five feature extraction methods for vulnerability mining, including sequence characterization-based method, abstract syntax tree-based method, graph-based method, text-based method and mixed characterization-based method. In addition, we summarize their advantages and disadvantages from the angles of single and mixed feature extraction method. Finally, we point out the future research trends and prospects.

Original languageEnglish
Title of host publicationFrontiers in Cyber Security - 4th International Conference, FCS 2021, Revised Selected Papers
EditorsChunjie Cao, Yuqing Zhang, Yuan Hong, Ding Wang
PublisherSpringer Science and Business Media Deutschland GmbH
Pages342-351
Number of pages10
ISBN (Print)9789811905223
DOIs
Publication statusPublished - 2022
Event4th International Conference on Frontiers in Cyber Security, FCS 2021 - Haikou, China
Duration: 2021 Dec 172021 Dec 19

Publication series

NameCommunications in Computer and Information Science
Volume1558 CCIS
ISSN (Print)1865-0929
ISSN (Electronic)1865-0937

Conference

Conference4th International Conference on Frontiers in Cyber Security, FCS 2021
Country/TerritoryChina
CityHaikou
Period21/12/1721/12/19

Keywords

  • Data representation
  • Deep learning
  • Vulnerability mining

ASJC Scopus subject areas

  • Computer Science(all)
  • Mathematics(all)

Fingerprint

Dive into the research topics of 'A Review of Data Representation Methods for Vulnerability Mining Using Deep Learning'. Together they form a unique fingerprint.

Cite this