TY - JOUR
AU - Xiang, Yang
AB - Poster CCS '17, October 30-November 3, 2017, Dallas, TX, USA POSTER: Vulnerability Discovery with Function Representation Learning from Unlabeled Projects Guanjun Lin, Jun Zhang, Wei Luo, Lei Pan Yang Xiang School of Information Technology, Deakin University, Australia Geelong, VIC {lingu,jun.zhang,wei.luo,l.pan}@deakin.edu.au Digital Research & Innovation Capability Platform, Swinburne University of Technology, Australia Melbourne, VIC yxiang@swin.edu.au In this paper, we propose an approach for function-level vulnerability detection in a cross-project scenario. We overcome the difficulty of obtaining manual labels by leveraging well-understood complexity metrics (used as a proxy), which can be automatically generated at large scale. These complexity metrics are subsequently used to bootstrap the generation of rich representations of the abstract syntax trees (ASTs) of functions. Our approach builds on the assumption that vulnerable programming patterns are associated with many potential vulnerabilities, and these patterns can be discovered by analyzing the program's ASTs. To capture local and relational features in a function, we use bi-directional Long Short-Term Memory (LSTM) [3] networks for learning high-level representations of ASTs. Our empirical studies illustrate that the obtained representations reveal important signals which can distinguish between neutral and vulnerable functions. Our contributions can be summarized as follows: • We propose a learning
TI - POSTER: Vulnerability Discovery with Function Representation Learning from Unlabeled Projects
DA - 2017-10-30
UR - https://www.deepdyve.com/lp/association-for-computing-machinery/poster-vulnerability-discovery-with-function-representation-learning-N16QhuIgsl
DP - DeepDyve
ER -