Detecting security vulnerabilities in code as it is written

Published on: 23 May 2023

Primary Category: Cryptography and Security

Paper Authors: Aaron Chan, Anant Kharkar, Roshanak Zilouchian Moghaddam, Yevhen Mohylevskyy, Alec Helyar, Eslam Kamal, Mohamed Elkamhawy, Neel Sundaresan

Key Details

Presents a system to detect vulnerabilities in incomplete code at edit time using deep learning

Improves on state-of-the-art detection approaches by 10% in recall and 8% in precision

Reduces vulnerability rate of code language models by over 89% in benchmark

Can be deployed in IDEs to reduce vulnerabilities by 80% for developers

Compares zero-shot, few-shot and fine-tuning approaches for pre-trained models

AI generated summary

This paper presents a system that uses deep learning on a large dataset of vulnerable code patterns to detect security vulnerabilities in incomplete code snippets in real time as developers write code. It allows finding and fixing vulnerabilities earlier and at lower cost. The system is evaluated on benchmark datasets and reduces vulnerability rates in code completions from language models by up to 90%.
