VuRLE: Automatic vulnerability detection and repair by learning from examples
Vulnerability becomes a major threat to the security of many systems. Attackers can steal private information and perform harmful actions by exploiting unpatched vulnerabilities. Vulnerabilities often remain undetected for a long time as they may not affect typical systems’ functionalities. Furtherm...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2017
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/4378 https://ink.library.smu.edu.sg/context/sis_research/article/5381/viewcontent/vulnerability_fix.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-5381 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-53812019-06-13T09:45:50Z VuRLE: Automatic vulnerability detection and repair by learning from examples MA SIQI, THUNG, Ferdian LO, David SUN, Cong DENG, Robert H. Vulnerability becomes a major threat to the security of many systems. Attackers can steal private information and perform harmful actions by exploiting unpatched vulnerabilities. Vulnerabilities often remain undetected for a long time as they may not affect typical systems’ functionalities. Furthermore, it is often difficult for a developer to fix a vulnerability correctly if he/she is not a security expert. To assist developers to deal with multiple types of vulnerabilities, we propose a new tool, called VuRLE, for automatic detection and repair of vulnerabilities. VuRLE (1) learns transformative edits and their contexts (i.e., code characterizing edit locations) from examples of vulnerable codes and their corresponding repaired codes; (2) clusters similar transformative edits; (3) extracts edit patterns and context patterns to create several repair templates for each cluster. VuRLE uses the context patterns to detect vulnerabilities, and customizes the corresponding edit patterns to repair them. We evaluate VuRLE on 279 vulnerabilities from 48 real-world applications. Under 10-fold cross validation, we compare VuRLE with another automatic repair tool, LASE. Our experiment shows that VuRLE successfully detects 183 out of 279 vulnerabilities, and repairs 101 of them, while LASE can only detect 58 vulnerabilities and repair 21 of them. 2017-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4378 info:doi/10.1007/978-3-319-66399-9_13 https://ink.library.smu.edu.sg/context/sis_research/article/5381/viewcontent/vulnerability_fix.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Automated Template Generation Vulnerability Detection Automated Program Repair Databases and Information Systems Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Automated Template Generation Vulnerability Detection Automated Program Repair Databases and Information Systems Information Security |
| spellingShingle |
Automated Template Generation Vulnerability Detection Automated Program Repair Databases and Information Systems Information Security MA SIQI, THUNG, Ferdian LO, David SUN, Cong DENG, Robert H. VuRLE: Automatic vulnerability detection and repair by learning from examples |
| description |
Vulnerability becomes a major threat to the security of many systems. Attackers can steal private information and perform harmful actions by exploiting unpatched vulnerabilities. Vulnerabilities often remain undetected for a long time as they may not affect typical systems’ functionalities. Furthermore, it is often difficult for a developer to fix a vulnerability correctly if he/she is not a security expert. To assist developers to deal with multiple types of vulnerabilities, we propose a new tool, called VuRLE, for automatic detection and repair of vulnerabilities. VuRLE (1) learns transformative edits and their contexts (i.e., code characterizing edit locations) from examples of vulnerable codes and their corresponding repaired codes; (2) clusters similar transformative edits; (3) extracts edit patterns and context patterns to create several repair templates for each cluster. VuRLE uses the context patterns to detect vulnerabilities, and customizes the corresponding edit patterns to repair them. We evaluate VuRLE on 279 vulnerabilities from 48 real-world applications. Under 10-fold cross validation, we compare VuRLE with another automatic repair tool, LASE. Our experiment shows that VuRLE successfully detects 183 out of 279 vulnerabilities, and repairs 101 of them, while LASE can only detect 58 vulnerabilities and repair 21 of them. |
| format |
text |
| author |
MA SIQI, THUNG, Ferdian LO, David SUN, Cong DENG, Robert H. |
| author_facet |
MA SIQI, THUNG, Ferdian LO, David SUN, Cong DENG, Robert H. |
| author_sort |
MA SIQI, |
| title |
VuRLE: Automatic vulnerability detection and repair by learning from examples |
| title_short |
VuRLE: Automatic vulnerability detection and repair by learning from examples |
| title_full |
VuRLE: Automatic vulnerability detection and repair by learning from examples |
| title_fullStr |
VuRLE: Automatic vulnerability detection and repair by learning from examples |
| title_full_unstemmed |
VuRLE: Automatic vulnerability detection and repair by learning from examples |
| title_sort |
vurle: automatic vulnerability detection and repair by learning from examples |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2017 |
| url |
https://ink.library.smu.edu.sg/sis_research/4378 https://ink.library.smu.edu.sg/context/sis_research/article/5381/viewcontent/vulnerability_fix.pdf |
| _version_ |
1770574691626385408 |