Detecting vulnerabilities in similar-looking code

Published on: 22 August 2023

Primary Category: Software Engineering

Paper Authors: Chao Ni, Xin Yin, Kaiwen Yang, Dehai Zhao, Zhenchang Xing, Xin Xia

Key Details

SVulD outperforms prior vulnerability detection methods, with higher accuracy and F1 scores

It uses contrastive learning to distinguish semantic differences in similar code

SVulD provides natural language explanations to help developers understand vulnerabilities

User studies show SVulD's explanations help developers intuitively understand problems

The approach handles challenging cases where vulnerable and non-vulnerable code are lexically very similar

AI generated summary

This paper proposes a new approach called SVulD to detect vulnerabilities in code, even when vulnerable and non-vulnerable code snippets look very similar lexically. It uses pre-trained models and contrastive learning to distinguish semantic differences. In user studies, SVulD provided useful explanations to help developers understand detected vulnerabilities.
