Your search keyword '"software security"' showing total 533 results

1. What goes wrong during phishing education? A probe into a game-based assessment with unfavorable results

Author

Yasin, Affan, Fatima, Rubia, Wen, Lijie, JiangBin, Zheng, and Niazi, Mahmood

Published

2025

2. SecureQwen: Leveraging LLMs for vulnerability detection in python codebases

Author

Mechri, Abdechakour, Ferrag, Mohamed Amine, and Debbah, Merouane

Published

2025

3. Accurate code fragment clone detection and its application in identifying known CVE clones.

Author

Arutunian, Mariam, Sargsyan, Sevak, Hovhannisyan, Hripsime, Khroyan, Garnik, Mkrtchyan, Albert, Movsisyan, Hovhannes, Avetisyan, Arutyun, and Aslanyan, Hayk

Abstract

This article presents a novel method for detecting copied code fragments called clones, which is then utilized to identify known common vulnerabilities and exposures copies. The proposed method is versatile and applicable to both source and binary code. It overcomes the limitations of existing tools that typically focus on detecting entire function clones and specializing in either source or binary code, but not both. The method outputs all the detected clones by comparing the provided code fragment against the target project. It employs program dependence graphs—a data structure that unifies data and control dependencies for the function to achieve high accuracy. Experimental evaluations of real-world projects and benchmarks demonstrate the high precision of the proposed method. Furthermore, we successfully applied this method to detect clones of known common vulnerabilities and exposures in source code and uncovered vulnerabilities in actual software. The detected vulnerabilities were confirmed by the community, validating the effectiveness of the proposed method. [ABSTRACT FROM AUTHOR]

Published

2025

4. Enhancing Security in Software Design Patterns and Antipatterns: A Framework for LLM-Based Detection.

Author

Andrade, Roberto, Torres, Jenny, and Ortiz-Garcés, Iván

Subjects

LANGUAGE models, COMPUTER software security, COMPUTER security vulnerabilities, DESIGN software, SOFTWARE architecture

Abstract

The detection of security vulnerabilities in software design patterns and antipatterns is crucial for maintaining robust and maintainable systems, particularly in dynamic Continuous Integration/Continuous Deployment (CI/CD) environments. Traditional static analysis tools, while effective for identifying isolated issues, often lack contextual awareness, leading to missed vulnerabilities and high rates of false positives. This paper introduces a novel framework leveraging Large Language Models (LLMs) to detect and mitigate security risks in design patterns and antipatterns. By analyzing relationships and behavioral dynamics in code, LLMs provide a nuanced, context-aware approach to identifying issues such as unauthorized state changes, insecure communication, and improper data handling. The proposed framework integrates key security heuristics—such as the principles of least privilege and input validation—to enhance LLM performance. An evaluation of the framework demonstrates its potential to outperform traditional tools in terms of accuracy and efficiency, enabling the proactive detection and remediation of vulnerabilities in real time. This study contributes to the field of software engineering by offering an innovative methodology for securing software systems using LLMs, promoting both academic research and practical application in industry settings. [ABSTRACT FROM AUTHOR]

Published

2025

5. A systematic literature review of security and privacy by design principles, norms, and strategies for digital technologies.

Author

Del-Real, Cristina, De Busser, Els, and van den Berg, Bibi

Subjects

*GENERAL Data Protection Regulation, 2016, *SECURITY systems software, *DESIGN software, *SOFTWARE architecture, *DIGITAL libraries

Abstract

This paper offers a comparative systematic literature review of the key principles, norms, and strategies associated with Security by Design (SbD) and Privacy by Design (PbD). Both frameworks are grounded in the idea that security and privacy should be integral components of digital technologies from the very beginning of the design process. Following PRISMA guidelines, we reviewed 82 documents sourced from databases such as the ACM Digital Library, EBSCO Library, IEEE Xplore, ProQuest, Scopus, and Web of Science. Our analysis reveals that SbD and PbD share four fundamental principles: prevention/proactiveness, embeddedness, user-centricity, and transparency. The review also highlights the solid regulatory foundation of PbD, particularly under the General Data Protection Regulation (GDPR), compared to the emerging regulatory context for SbD. Additionally, we explore a range of strategies, from organizational cultural changes to technical interventions, that illustrate the nuanced approaches taken to implement these paradigms. We conclude by discussing the broader implications of these findings and suggesting directions for future research, aiming to contribute to the development of technologies that are both secure and respectful of privacy, while also advocating for integrated frameworks that enhance digital trust. [ABSTRACT FROM AUTHOR]

Published

2025

6. Vulnerabilities and Security Patches Detection in OSS: A Survey.

Author

Lin, Ruyan, Fu, Yulong, Yi, Wei, Yang, Jincheng, Cao, Jin, Dong, Zhiqiang, Xie, Fei, and Li, Hui

Subjects

*LANGUAGE models, *ARTIFICIAL neural networks, *GRAPH neural networks, *GENERATIVE pre-trained transformers, *DATA structures, *DEEP learning, *PYTHON programming language

Published

2025

7. Question–Answer Methodology for Vulnerable Source Code Review via Prototype-Based Model-Agnostic Meta-Learning.

Author

Corona-Fraga, Pablo, Hernandez-Suarez, Aldo, Sanchez-Perez, Gabriel, Toscano-Medina, Linda Karina, Perez-Meana, Hector, Portillo-Portillo, Jose, Olivares-Mercado, Jesus, and García Villalba, Luis Javier

Subjects

LANGUAGE models, PROGRAMMING languages, SOURCE code, COMPUTER software security, KNOWLEDGE transfer

Abstract

In cybersecurity, identifying and addressing vulnerabilities in source code is essential for maintaining secure IT environments. Traditional static and dynamic analysis techniques, although widely used, often exhibit high false-positive rates, elevated costs, and limited interpretability. Machine Learning (ML)-based approaches aim to overcome these limitations but encounter challenges related to scalability and adaptability due to their reliance on large labeled datasets and their limited alignment with the requirements of secure development teams. These factors hinder their ability to adapt to rapidly evolving software environments. This study proposes an approach that integrates Prototype-Based Model-Agnostic Meta-Learning(Proto-MAML) with a Question-Answer (QA) framework that leverages the Bidirectional Encoder Representations from Transformers (BERT) model. By employing Few-Shot Learning (FSL), Proto-MAML identifies and mitigates vulnerabilities with minimal data requirements, aligning with the principles of the Secure Development Lifecycle (SDLC) and Development, Security, and Operations (DevSecOps). The QA framework allows developers to query vulnerabilities and receive precise, actionable insights, enhancing its applicability in dynamic environments that require frequent updates and real-time analysis. The model outputs are interpretable, promoting greater transparency in code review processes and enabling efficient resolution of emerging vulnerabilities. Proto-MAML demonstrates strong performance across multiple programming languages, achieving an average precision of 98.49 % , recall of 98.54 % , F1-score of 98.78 % , and exact match rate of 98.78 % in PHP, Java, C, and C++. [ABSTRACT FROM AUTHOR]

Published

2025

8. Enhancing DevSecOps practice with Large Language Models and Security Chaos Engineering.

Author

Bedoya, Martin, Palacios, Sara, Díaz-López, Daniel, Laverde, Estefania, and Nespoli, Pantaleone

Subjects

*LANGUAGE models, *COMPUTER software security, *RATE of return, *CLOUD computing, *FOREIGN language education

Abstract

Recently, the DevSecOps practice has improved companies' agile production of secure software, reducing problems and improving return on investment. However, overreliance on security tools and traditional security techniques can facilitate the implementation of vulnerabilities in different stages of the software lifecycle.. Thus, this paper proposes the integration of a Large Language Model to help automate threat discovery at the design stage and Security Chaos Engineering to support the identification of security flaws that may be undetected by security tools. A specific use case is described to demonstrate how our proposal can be applied to a retail company that has the business need to produce rapidly secure software. [ABSTRACT FROM AUTHOR]

Published

2024

9. MultiTagging: A Vulnerable Smart Contract Labeling and Evaluation Framework.

Author

Alsunaidi, Shikah J., Aljamaan, Hamoud, and Hammoudeh, Mohammad

Subjects

COMPUTER security vulnerabilities, COMPUTER software security, DATA analysis, VOTING, TAXONOMY

Abstract

Identifying vulnerabilities in Smart Contracts (SCs) is crucial, as they can lead to significant financial losses if exploited. Although various SC vulnerability identification methods exist, selecting the most effective approach remains challenging. This article examines these challenges and introduces solutions to enhance SC vulnerability identification. It introduces MultiTagging, a modular SC multi-labeling framework designed to overcome limitations in existing SC vulnerability identification approaches. MultiTagging automates SC vulnerability tagging by parsing analysis reports and mapping tool-specific tags to standardized labels, including SC Weakness Classification (SWC) codes and Decentralized Application Security Project (DASP) ranks. Its mapping strategy and the proposed vulnerability taxonomy resolve tool-level labeling inconsistencies, where different tools use distinct labels for identical vulnerabilities. The framework integrates an evaluation module to assess SC vulnerability identification methods. MultiTagging enables both tool-based and vote-based SC vulnerability labeling. To improve labeling accuracy, the article proposes Power-based voting, a method that systematically defines voter roles and voting thresholds for each vulnerability. MultiTagging is used to evaluate labeling across six tools: MAIAN, Mythril, Semgrep, Slither, Solhint, and VeriSmart. The results reveal high coverage for Mythril, Slither, and Solhint, which identified eight, seven, and six DASP classes, respectively. Tool performance varied, underscoring the impracticality of relying on a single tool to identify all vulnerability classes. A comparative evaluation of Power-based voting and two threshold-based methods—AtLeastOne and Majority voting—shows that while voting methods can increase vulnerability identification coverage, they may also reduce detection performance. Power-based voting proved more effective than pure threshold-based methods across all vulnerability classes. [ABSTRACT FROM AUTHOR]

Published

2024

10. A Toolchain for Assisting Migration of Software Executables Towards Post-Quantum Cryptography

Author

Norrathep Rattanavipanon, Jakapan Suaboot, and Warodom Werapun

Subjects

Binary analysis, post-quantum cryptography, post-quantum migration, software security, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Quantum computing poses a significant global threat to modern security mechanisms. As such, security experts and public sectors have issued guidelines to help organizations transition their software to post-quantum cryptography (PQC). However, there is a lack of (semi-)automatic tools to support this transition, particularly for software deployed as binary executables. To address this gap, in this work, we first propose a set of requirements necessary for this type of tool to detect quantum-vulnerable software executables. Following these requirements, we introduce $\mathsf {QED}$ : a toolchain for Quantum-vulnerable Executable Detection. $\mathsf {QED}$ uses a three-phase approach to identify quantum-vulnerable dependencies in a given set of executables, from file-level to API-level, and finally, precise identification of a static trace that triggers a quantum-vulnerable API. The key benefit of this design is that it provides efficiency without compromising accuracy, as it incorporates fast initial analyses to filter out executables unlikely to be quantum-vulnerable that in turn allows the more resource-intensive analysis to be performed on a smaller subset of executables. To demonstrate this claim, we evaluate $\mathsf {QED}$ on both a synthetic dataset with four cryptography libraries and a real-world dataset with over 200 software executables. The results show that: 1) $\mathsf {QED}$ discerns quantum-vulnerable from quantum-safe executables with 100% accuracy in the synthetic dataset; 2) $\mathsf {QED}$ is practical and scalable, completing analyses on average in less than 4 seconds per real-world executable; and 3) $\mathsf {QED}$ reduces the manual workload required by analysts to identify quantum-vulnerable executables in the real-world dataset by more than 90%.

Published

2025

11. SmartLLMSentry: A Comprehensive LLM Based Smart Contract Vulnerability Detection Framework

Author

Oualid Zaazaa and Hanan El Bakkali

Subjects

smart contract, vulnerability, software security, blockchain, large language models, Technology

Abstract

Smart contracts are essential for managing digital assets in blockchain networks, highlighting the need for effective security measures. This paper introduces SmartLLMSentry, a novel framework that leverages large language models (LLMs), specifically ChatGPT with in-context training, to advance smart contract vulnerability detection. Traditional rule-based frameworks have limitations in integrating new detection rules efficiently. In contrast, SmartLLMSentry utilizes LLMs to streamline this process. We created a specialized dataset of five randomly selected vulnerabilities for model training and evaluation. Our results show an exact match accuracy of 91.1% with sufficient data, although GPT-4 demonstrated reduced performance compared to GPT-3 in rule generation. This study illustrates that SmartLLMSentry significantly enhances the speed and accuracy of vulnerability detection through LLM-driven rule integration, offering a new approach to improving Blockchain security and addressing previously underexplored vulnerabilities in smart contracts.

Published

2024

12. A Systematic Literature Review on Automated Software Vulnerability Detection Using Machine Learning.

Author

Shiri Harzevili, Nima, Boaye Belle, Alvine, Wang, Junjie, Wang, Song, Jiang, Zhen Ming, and Nagappan, Nachiappan

Subjects

*ARTIFICIAL neural networks, *GRAPH neural networks, *COMPUTER engineering, *CONVOLUTIONAL neural networks, *COMPUTER security vulnerabilities, *DEEP learning

Published

2025

13. eGMT-Fuzz: Format-Aware Deep Fuzzing of Cryptographic Protocols

Author

Angel Lomeli and Arto Niemi

Subjects

fuzz testing, transport layer security, software security, Telecommunication, TK5101-6720

Abstract

Fuzzing has established itself as an everyday tool in the toolbox of the security-minded software developer. Fuzzers have proven especially effective in discovering vulnerabilities that are rarely triggered during regular program execution. Interactive cryptographic protocols, however, are challenging to fuzz. Messages in such protocols must pass cryptographic validation such as integrity and freshness checks, before execution can reach deeper portions of the protocol implementation code. In this paper, we present a black box mutation-based fuzzer for deep fuzzing of interactive cryptographic protocols. To create messages that mostly conform to the protocol syntax but are syntactically or semantically unexpected, we use syntax tree mutation. Our architecture includes a pluggable component that allows mutated inputs to pass protocol-specific cryptographic checks. We evaluate the efficacy of our fuzzer on an embed- ded Transport Layer Security (TLS) implementation, where we deeply fuzz both TLS handshake messages and X.509 public-key certificates, discovering several hard-to-reach vulnerabilities.

Published

2024

14. A SWOT Analysis of Software Development Life Cycle Security Metrics.

Author

Khalid, Ayesha, Raza, Mushtaq, Afsar, Palwasha, Khan, Rafiq Ahmad, Mohmand, Muhammad Ismail, and Rahman, Hanif Ur

Subjects

*SOFTWARE engineering, *COMPUTER software security, *COMPUTER software development, *SECURITY systems, *INTERNET security

Abstract

ABSTRACT Cyber security is an ongoing and critical concern due to persistent threats posed by threat actors, such as hackers and crackers. With the development of information and communication technologies (ICT), the widespread usage of software systems has transformed modern society in many ways but also created new issues in protecting confidential and sensitive information. The quantification of security measures can provide evidence to support decision‐making in software security, particularly when assessing the security performance of software systems. This entails understanding the key quality criteria of security metrics, which can assist in constructing security models aligned with practical requirements. To delve deeper into this subject, the current study conducted a systematic literature review (SLR) on security metrics and measures within the realm of secure software development (SSD). The study selected 61 research publications for data extraction based on the specific inclusion and exclusion criteria. The study identified 215 software security metrics and classified them into different phases of software development life cycle (SDLC). In order to evaluate the most cited metrics in each phase of SDLC, the strengths, weaknesses, opportunities, and threats (SWOT) analysis was performed. The SWOT analysis offers a structured framework enabling researchers to make more effective, well‐informed decisions and mitigate potential risks, ultimately contributing to more valuable research findings. The study's findings provide researchers guidance for exploring emerging trends and addressing existing gaps in SDLC. This study also provides software professionals with a more comprehensive understanding of security measurements, constraints, and open‐ended specific and general issues. [ABSTRACT FROM AUTHOR]

Published

2024

15. Early mitigation of CPU-optimized ransomware using monitoring encryption instructions.

Author

Enomoto, Shuhei, Kuzuno, Hiroki, Yamada, Hiroshi, Shiraishi, Yoshiaki, and Morii, Masakatu

Subjects

*ANTIVIRUS software, *COMPUTER software security, *COMMUNICATION infrastructure, *COMPUTER systems, *CLOUD computing, *RANSOMWARE

Abstract

Ransomware attacks pose a significant threat to information systems. Server hosts, including cloud infrastructure as a service, are prime targets for ransomware developers. To address this, security mechanisms, such as antivirus software, have proven effective. Moreover, research on ransomware detection advocates for behavior-based finding mechanisms while ransomware is in operation. In response to evolving detections, ransomware developers are now adapting an optimized design tailored for CPU architecture (CPU-optimized ransomware). This variant can rapidly encrypt files, potentially evading detection by traditional antivirus methods that rely on fixed time intervals for file scans. In ransomware detection research, numerous files can be encrypted by CPU-optimized ransomware until malicious activity is detected. This study proposes an early mitigation mechanism named CryptoSniffer, which is designed specifically to counter CPU-optimized ransomware attacks on server hosts. CryptoSniffer focuses on the misuse of CPU architecture-specific encryption instructions for swift file encryption by CPU-optimized ransomware. This can be achieved by capturing the ciphertext in user processes and thwarting file encryption by scrutinizing the content intended for writing. To demonstrate the efficacy of CryptoSniffer, the mechanism was implemented in the latest Linux kernel, and its security and performance were systematically evaluated. The experimental results demonstrate that CryptoSniffer successfully prevents real-world CPU-optimized ransomware, and the performance overhead is well-suited for practical applications. [ABSTRACT FROM AUTHOR]

Published

2024

16. TACSan: Enhancing Vulnerability Detection with Graph Neural Network.

Author

Zeng, Qingyao, Xiong, Dapeng, Wu, Zhongwang, Qian, Kechang, Wang, Yu, and Su, Yinghao

Subjects

GRAPH neural networks, SOURCE code, COMPUTER software security, LEXICAL access, COMPUTER software

Abstract

With the increasing scale and complexity of software, the advantages of using neural networks for static vulnerability detection are becoming increasingly prominent. Before inputting into a neural network, the source code needs to undergo word embedding, transforming discrete high-dimensional text data into low-dimensional continuous vectors suitable for training in neural networks. However, analysis has revealed that different implementation ideas by code writers for the same functionality can lead to varied code implementation methods. Embedding different code texts into vectors results in distinctions that can reduce the robustness of a model. To address this issue, this paper explores the impact of converting source code into different forms on word embedding and finds that a TAC (Three-Address Code) can significantly eliminate noise caused by different code implementation approaches. Given the excellent capability of a GNN (Graph Neural Network) in handling non-Euclidean space data and complex features, this paper subsequently employs a GNN to learn and classify vulnerabilities by capturing the implicit syntactic structure information in a TAC. Based on this, this paper introduces TACSan, a novel static vulnerability detection system based on a GNN designed to detect vulnerabilities in C/C++ programs. TACSan transforms the preprocessed source code into a TAC representation, adds control and data edges to create a graph structure, and then inputs it into the GNN for training. Comparative testing and evaluation of TACSan against other renowned static analysis tools, such as VulDeePecker and Devign, demonstrate that TACSan's detection capabilities not only exceed those methods but also achieve substantial enhancements in accuracy and F1 score. [ABSTRACT FROM AUTHOR]

Published

2024

17. Multi-class vulnerability prediction using value flow and graph neural networks.

Author

McLaughlin, Connor and Lu, Yi

Subjects

*GRAPH neural networks, *MACHINE learning, *KNOWLEDGE representation (Information theory), *COMPUTER security vulnerabilities, *COMPUTER software security

Abstract

In recent years, machine learning models have been increasingly used to detect security vulnerabilities in software, due to their ability to achieve high performance and lower false positive rates compared to traditional program analysis tools. However, these models often lack the capability to provide a clear explanation for why a program has been flagged as vulnerable, leaving developers with little reasoning to work with. We present a new method which not only identifies the presence of vulnerabilities in a program, but also the specific type of error, considering the whole program rather than just individual functions. Our approach utilizes graph neural networks that employ inter-procedural value flow graphs, and instruction embedding from the LLVM Intermediate Representation, to predict a class. By mapping these classes to the Common Weakness Enumeration list, we provide a clear indication of the security issue found, saving developers valuable time which would otherwise be spent analyzing a binary vulnerable/non-vulnerable label. To evaluate our method's effectiveness, we used two datasets: one containing memory-related errors (out of bound array accesses), and the other a range of vulnerabilities from the Juliet Test Suite, including buffer and integer overflows, format strings, and invalid frees. Our model, implemented using PyTorch and the Gated Graph Sequence Neural Network from Torch-Geometric, achieved a precision of 96.35 and 91.59% on the two datasets, respectively. Compared to common static analysis tools, our method produced roughly half the number of false positives, while identifying approximately three times the number of vulnerable samples. Compared to recent machine learning systems, we achieve similar performance while offering the added benefit of differentiating between classes. Overall, our approach represents a meaningful improvement in software vulnerability detection, providing developers with valuable insights to better secure their code. [ABSTRACT FROM AUTHOR]

Published

2024

18. Predicting software vulnerability based on software metrics: a deep learning approach

Author

Agbenyegah, Francis Kwadzo, Asante, Micheal, Chen, Jinfu, and Akpaku, Ernest

Published

2024

19. Algorithm for the functioning of the analysis and evaluation software package security of software of automated systems internal affairs bodies

Author

A. D. Popova

Subjects

automated system, software, software security, analysis and quantitative assessment of security level, algorithm, software package, Technology

Abstract

Objective. The purpose of the study is to construct an algorithm for the functioning of a software package that automates the process of analyzing and assessing the security of the software used and selecting its most secure version for use at informatization facilities of internal affairs bodies.Method. During the study, we used: a method of a systematic approach to determining software security indicators, a method of mathematical formalization and algorithmization of the process of analyzing and assessing software security for developing program code.Result. An algorithm for the functioning of a software complex is proposed that allows for analysis and quantitative assessment of the security of software of automated systems of internal affairs bodies in relation to current vulnerabilities in real time. The algorithm is complex in nature, including five component algorithms. The operation of the main blocks of the algorithm is described.Conclusion. Conclusions are drawn about the importance of the practical implementation of the developed algorithm in the form of a software package that selects the optimal (most secure) version of software for operation at informatization facilities of internal affairs bodies in order to increase the actual security of limited-distribution official information.

Published

2024

20. NG_MDERANK: A software vulnerability feature knowledge extraction method based on N‐gram similarity.

Author

Wu, Xiaoxue, Weng, Shiyu, Zheng, Bin, Zheng, Wei, Chen, Xiang, and Sun, Xiaobin

Subjects

*COMPUTER security vulnerabilities, *COMPUTER software security, *KNOWLEDGE graphs, *FEATURE extraction, *PROBLEM solving, *DATA extraction

Abstract

As software grows in size and complexity, software vulnerabilities are increasing, leading to a range of serious insecurity issues. Open‐source software vulnerability reports and documentation can provide researchers with great convenience for analysis and detection. However, the quality of different data sources varies, the data are duplicated and lack of correlation, which often requires a lot of manual management and analysis. In order to solve the problems of scattered and heterogeneous data and lack of correlation in traditional vulnerability repositories, this paper proposes a software vulnerability feature knowledge extraction method that combines the N‐gram model and mask similarity. The method generates mask text data based on the extraction of N‐gram candidate keywords and extracts vulnerability feature knowledge by calculating the similarity of mask text. This method analyzes the samples efficiently and stably in the environment of large sample size and complex samples and can obtain high‐value semi‐structured data. Then, the final node, relationship, and attribute information are obtained by secondary knowledge cleaning and extraction of the extracted semi‐structured data results. And based on the extraction results, the corresponding software vulnerability domain knowledge graph is constructed to deeply explore the semantic information features and entity relationships of vulnerabilities, which can help to efficiently study software security problems and solve vulnerability problems. The effectiveness and superiority of the proposed method is verified by comparing it with several traditional keyword extraction algorithms on Common Weakness Enumeration (CWE) and Common Vulnerabilities and Exposures (CVE) vulnerability data. [ABSTRACT FROM AUTHOR]

Published

2024

21. Software Vulnerability Fuzz Testing: A Mutation-Selection Optimization Systematic Review.

Author

Assiri, Fatmah Yousef and Aljahdali, Asia Othman

Subjects

COMPUTER security vulnerabilities, OPTIMIZATION algorithms, COMPUTER software testing, INTERNET security

Abstract

As software vulnerabilities can cause cybersecurity threats and have severe consequences, it is necessary to develop effective techniques to discover such vulnerabilities. Fuzzing is one of the most widely employed approaches that has been adapted for software testing. The mutation-based fuzzing approach is currently the most popular. The state-of-the-art American Fuzzy Lop (AFL) selects mutations randomly and lacks knowledge of mutation operations that are more helpful in a particular stage. This study performs a systematic review to identify and analyze existing approaches that optimize the selection of mutation operations. The main contributions of this work are to draw attention to the importance of mutation operator selection, identify optimization algorithms for mutation operator selection, and investigate their impact on fuzzing testing in terms of code coverage and finding new vulnerabilities. The investigation shows the effectiveness and advantages of optimizing the selection of mutation operations to achieve higher code coverage and find more vulnerabilities. [ABSTRACT FROM AUTHOR]

Published

2024

22. Software Vulnerability Mining and Analysis Based on Deep Learning.

Author

Zhao, Shibin, Zhu, Junhu, and Peng, Jianshan

Subjects

MACHINE learning, ARTIFICIAL neural networks, ARTIFICIAL intelligence, COMPUTER software development, COMPUTER security vulnerabilities, DEEP learning

Abstract

In recent years, the rapid development of computer software has led to numerous security problems, particularly software vulnerabilities. These flaws can cause significant harm to users' privacy and property. Current security defect detection technology relies on manual or professional reasoning, leading to missed detection and high false detection rates. Artificial intelligence technology has led to the development of neural network models based on machine learning or deep learning to intelligently mine holes, reducing missed alarms and false alarms. So, this project aims to study Java source code defect detection methods for defects like null pointer reference exception, XSS (Transform), and Structured Query Language (SQL) injection. Also, the project uses open-source Javalang to translate the Java source code, conducts a deep search on the AST to obtain the empty syntax feature library, and converts the Java source code into a dependency graph. The feature vector is then used as the learning target for the neural network. Four types of Convolutional Neural Networks (CNN), Long Short-Term Memory (LSTM), Bi-directional Long Short-Term Memory (BiLSTM), and Attention Mechanism + Bidirectional LSTM, are used to investigate various code defects, including blank pointer reference exception, XSS, and SQL injection defects. Experimental results show that the attention mechanism in two-dimensional BLSTM is the most effective for object recognition, verifying the correctness of the method. [ABSTRACT FROM AUTHOR]

Published

2024

23. A catalog of metrics at source code level for vulnerability prediction: A systematic mapping study.

Author

Codabux, Zadia, Zakia Sultana, Kazi, and Chowdhury, Md Naseef‐Ur‐Rahman

Subjects

*MACHINE learning, *SOFTWARE measurement, *SOURCE code, *COMPUTER software security, *RANDOM forest algorithms, *COMPUTER security vulnerabilities

Abstract

Industry practitioners assess software from a security perspective to reduce the risks of deploying vulnerable software. Besides following security best practice guidelines during the software development life cycle, predicting vulnerability before roll‐out is crucial. Software metrics are popular inputs for vulnerability prediction models. The objective of this study is to provide a comprehensive review of the source code‐level security metrics presented in the literature. Our systematic mapping study started with 1451 studies obtained by searching the four digital libraries from ACM, IEEE, ScienceDirect, and Springer. After applying our inclusion/exclusion criteria as well as the snowballing technique, we narrowed down 28 studies for an in‐depth study to answer four research questions pertaining to our goal. We extracted a total of 685 code‐level metrics. For each study, we identified the empirical methods, quality measures, types of vulnerabilities of the prediction models, and shortcomings of the work. We found that standard machine learning models, such as decision trees, regressions, and random forests, are most frequently used for vulnerability prediction. The most common quality measures are precision, recall, accuracy, and F‐measure. Based on our findings, we conclude that the list of software metrics for measuring code‐level security is not universal or generic yet. Nonetheless, the results of our study can be used as a starting point for future studies aiming at improving existing security prediction models and a catalog of metrics for vulnerability prediction for software practitioners. [ABSTRACT FROM AUTHOR]

Published

2024

24. Enhancing Software Code Vulnerability Detection Using GPT-4o and Claude-3.5 Sonnet: A Study on Prompt Engineering Techniques.

Author

Bae, Jaehyeon, Kwon, Seoryeong, and Myeong, Seunghwan

Subjects

COMPUTER security vulnerabilities, LANGUAGE models, SONNET, COMPUTER software security, GENERATIVE pre-trained transformers

Abstract

This study investigates the efficacy of advanced large language models, specifically GPT-4o, Claude-3.5 Sonnet, and GPT-3.5 Turbo, in detecting software vulnerabilities. Our experiment utilized vulnerable and secure code samples from the NIST Software Assurance Reference Dataset (SARD), focusing on C++, Java, and Python. We employed three distinct prompting techniques as follows: Concise, Tip Setting, and Step-by-Step. The results demonstrate that GPT-4o and Claude-3.5 Sonnet significantly outperform GPT-3.5 Turbo in vulnerability detection. GPT-4o showed the highest improvement with the Step-by-Step prompt, achieving an F1 score of 0.9072. Claude-3.5 Sonnet exhibited consistent high performance across all prompt types, with its Step-by-Step prompt yielding the best overall results (F1 score: 0.8933, AUC: 0.74). In contrast, GPT-3.5 Turbo showed minimal performance changes across prompts, with the Tip Setting prompt performing best (AUC: 0.65, F1 score: 0.6772), yet significantly lower than the other models. Our findings highlight the potential of advanced models in enhancing software security and underscore the importance of prompt engineering in optimizing their performance. [ABSTRACT FROM AUTHOR]

Published

2024

25. Deep Domain Adaptation With Max-Margin Principle for Cross-Project Imbalanced Software Vulnerability Detection.

Author

Nguyen, Van, Le, Trung, Tantithamthavorn, Chakkrit, Grundy, John, and Phung, Dinh

Subjects

COMPUTER security vulnerabilities, ARTIFICIAL intelligence, COMPUTER software, COMPUTER software security, APPLICATION software, COMPUTER software testing

Abstract

Software vulnerabilities (SVs) have become a common, serious, and crucial concern due to the ubiquity of computer software. Many AI-based approaches have been proposed to solve the software vulnerability detection (SVD) problem to ensure the security and integrity of software applications (in both the development and testing phases). However, there are still two open and significant issues for SVD in terms of (i) learning automatic representations to improve the predictive performance of SVD, and (ii) tackling the scarcity of labeled vulnerability datasets that conventionally need laborious labeling effort by experts. In this paper, we propose a novel approach to tackle these two crucial issues. We first exploit the automatic representation learning with deep domain adaptation for SVD. We then propose a novel cross-domain kernel classifier leveraging the max-margin principle to significantly improve the transfer learning process of SVs from imbalanced labeled into imbalanced unlabeled projects. Our approach is the first work that leverages solid body theories of the max-margin principle, kernel methods, and bridging the gap between source and target domains for imbalanced domain adaptation (DA) applied in cross-project SVD. The experimental results on real-world software datasets show the superiority of our proposed method over state-of-the-art baselines. In short, our method obtains a higher performance on F1-measure, one of the most important measures in SVD, from 1.83% to 6.25% compared to the second highest method in the used datasets. [ABSTRACT FROM AUTHOR]

Published

2024

26. RAMA: a risk assessment solution for healthcare organizations.

Author

Smyrlis, Michail, Floros, Evangelos, Basdekis, Ioannis, Prelipcean, Dumitru-Bogdan, Sotiropoulos, Aristeidis, Debar, Herve, Zarras, Apostolis, and Spanoudakis, George

Subjects

*DIGITAL technology, *MEDICAL records, *INTERNET security, *INTERNET privacy, *RISK assessment, *ECOLOGICAL risk assessment

Abstract

Recent cyber-attacks targeting healthcare organizations underscore the growing prevalence of the sector as a prime target for malicious activities. As healthcare systems manage and store sensitive personal health information, the imperative for robust cyber security and privacy protocols becomes increasingly evident. Consequently, healthcare institutions are compelled to actively address the intricate cyber security risks inherent in their digital ecosystems. In response, we present RAMA, a risk assessment solution designed to evaluate the security status of cyber systems within critical domain, such as the healthcare one. By leveraging RAMA, both local stakeholders, such as the hospital's IT personnel, and global actors, including external parties, can assess their organization's cyber risk profile. Notably, RAMA goes beyond risk quantification; it facilitates a comparative analysis by enabling organizations to measure their performance against average aggregated mean scores, fostering a culture of continuous improvement in cyber security practices. The practical efficacy of RAMA is demonstrated through its deployment across four real-world healthcare IT infrastructures. This study not only underscores the significance of addressing cyber security risks within healthcare but also highlights the value of innovative solutions like RAMA in safeguarding sensitive health information and enhancing the sector's overall cyber resilience. [ABSTRACT FROM AUTHOR]

Published

2024

27. WolfFuzz: A Dynamic, Adaptive, and Directed Greybox Fuzzer.

Author

Zeng, Qingyao, Xiong, Dapeng, Wu, Zhongwang, Qian, Kechang, Wang, Yu, and Su, Yinghao

Subjects

GREY Wolf Optimizer algorithm, COMPUTER software security

Abstract

As the directed greybox fuzzing (DGF) technique advances, it is being extensively utilized in various fields such as defect reproduction, patch testing, and vulnerability identification. Nevertheless, current DGFs waste a significant amount of resources due to their simplistic distance definitions and overly straightforward energy distribution for the seeds. To address these issues, a dynamic distance-weighting-based distance estimation strategy is proposed first, which facilitates strategies for seed distribution that take energy into consideration. Second, to overcome the limitations of current seed energy distribution strategies, the gray wolf optimizer (GWO) is improved by integrating four strategies, leading to the development of the improved gray wolf optimizer (IGWO). Lastly, an adaptive search algorithm is proposed, and the WolfFuzz prototype tool is implemented. In vulnerability recurrence scenarios, WolfFuzz is 3.2× faster on average compared with the baseline and reproduces 76.4% of existing bugs faster. WolfFuzz also discovers nine different types of bugs in seven real-world programs. [ABSTRACT FROM AUTHOR]

Published

2024

28. A Game-Theoretical Self-Adaptation Framework for Securing Software-Intensive Systems.

Author

Li, Nianyu, Zhang, Mingyue, Li, Jialong, Adepu, Sridhar, Kang, Eunsuk, and Jin, Zhi

Subjects

MACHINE translating, MULTIPLAYER games, WATER purification, GAME theory, MODEL theory, PHYSIOLOGICAL adaptation, COMPUTER software security

Abstract

Security attacks present unique challenges to the design of self-adaptation mechanism for software-intensive systems due to the adversarial nature of the environment. Game-theoretical approaches have been explored in security to model malicious behaviors and design reliable defense for the system in a mathematically grounded manner. However, modeling the system as a single player, as done in prior works, is insufficient for the system under partial compromise and for the design of fine-grained defensive policies where the rest of the system with autonomy can cooperate to mitigate the impact of attacks. To address such issues, we propose a new self-adaptation framework incorporating Bayesian game theory and model the defender (i.e., the system) at the granularity of components. Under security attacks, the architecture model of the system is automatically translated, by the proposed translation process with designed algorithms, into a multi-player Bayesian game. This representation allows each component to be modeled as an independent player, while security attacks are encoded as variant types for the components. By solving for pure equilibrium (i.e., adaptation response), the system's optimal defensive strategy is dynamically computed, enhancing system resilience against security attacks by maximizing system utility. We validate the effectiveness of our framework through two sets of experiments using generic benchmark tasks tailored for the security domain. Additionally, we exemplify the practical application of our approach through a real-world implementation in the Secure Water Treatment System to demonstrate the applicability and potency in mitigating security risks. [ABSTRACT FROM AUTHOR]

Published

2024

29. Automated Mapping of Vulnerability Advisories onto their Fix Commits in Open Source Repositories.

Author

Hommersom, Daan, Sabetta, Antonino, Coppola, Bonaventura, Nucci, Dario Di, and Tamburri, Damian A.

Subjects

MACHINE learning, COMPUTER security vulnerabilities, DATABASES, INSTITUTIONAL repositories, SOURCE code, NATURAL language processing

Abstract

The lack of comprehensive sources of accurate vulnerability data represents a critical obstacle to studying and understanding software vulnerabilities (and their corrections). In this article, we present an approach that combines heuristics stemming from practical experience and machine-learning (ML)—specifically, natural language processing (NLP)—to address this problem. Our method consists of three phases. First, we construct an advisory record object containing key information about a vulnerability that is extracted from an advisory, such as those found in the National Vulnerability Database (NVD). These advisories are expressed in natural language. Second, using heuristics, a subset of candidate fix commits is obtained from the source code repository of the affected project, by filtering out commits that can be identified as unrelated to the vulnerability at hand. Finally, for each of the remaining candidate commits, our method builds a numerical feature vector reflecting the characteristics of the commit that are relevant to predicting its match with the advisory at hand. Based on the values of these feature vectors, our method produces a ranked list of candidate fixing commits. The score attributed by the ML model to each feature is kept visible to the users, allowing them to easily interpret the predictions. We implemented our approach and we evaluated it on an open data set, built by manual curation, that comprises 2,391 known fix commits corresponding to 1,248 public vulnerability advisories. When considering the top-10 commits in the ranked results, our implementation could successfully identify at least one fix commit for up to 84.03% of the vulnerabilities (with a fix commit on the first position for 65.06% of the vulnerabilities). Our evaluation shows that our method can reduce considerably the manual effort needed to search open-source software (OSS) repositories for the commits that fix known vulnerabilities. [ABSTRACT FROM AUTHOR]

Published

2024

30. Vulnerability detection in Java source code using a quantum convolutional neural network with self-attentive pooling, deep sequence, and graph-based hybrid feature extraction

Author

Shumaila Hussain, Muhammad Nadeem, Junaid Baber, Mohammed Hamdi, Adel Rajab, Mana Saleh Al Reshan, and Asadullah Shaikh

Subjects

Vulnerability detection, Self-attentive QCNN, Feature extraction, Hybrid GCN, Software security, CodeBERT, Medicine, Science

Abstract

Abstract Software vulnerabilities pose a significant threat to system security, necessitating effective automatic detection methods. Current techniques face challenges such as dependency issues, language bias, and coarse detection granularity. This study presents a novel deep learning-based vulnerability detection system for Java code. Leveraging hybrid feature extraction through graph and sequence-based techniques enhances semantic and syntactic understanding. The system utilizes control flow graphs (CFG), abstract syntax trees (AST), program dependencies (PD), and greedy longest-match first vectorization for graph representation. A hybrid neural network (GCN-RFEMLP) and the pre-trained CodeBERT model extract features, feeding them into a quantum convolutional neural network with self-attentive pooling. The system addresses issues like long-term information dependency and coarse detection granularity, employing intermediate code representation and inter-procedural slice code. To mitigate language bias, a benchmark software assurance reference dataset is employed. Evaluations demonstrate the system's superiority, achieving 99.2% accuracy in detecting vulnerabilities, outperforming benchmark methods. The proposed approach comprehensively addresses vulnerabilities, including improper input validation, missing authorizations, buffer overflow, cross-site scripting, and SQL injection attacks listed by common weakness enumeration (CWE).

Published

2024

31. A Survey of Binary Code Similarity Detection Techniques.

Author

Ruan, Liting, Xu, Qizhen, Zhu, Shunzhi, Huang, Xujing, and Lin, Xinyang

Subjects

BINARY codes, COMPUTER software security, COMPUTER software development, SOURCE code, MATHEMATICAL optimization

Abstract

Binary Code Similarity Detection is a method that involves comparing two or more binary code segments to identify their similarities and differences. This technique plays a crucial role in areas such as software security, vulnerability detection, and software composition analysis. With the extensive use of binary code in software development and system optimization, binary code similarity detection has become an important area of research. Traditional methods of source code similarity detection face challenges when dealing with the unreadable and complex nature of binary code, necessitating specialized techniques and algorithms. This review compares and summarizes various techniques and methods of binary code similarity detection, highlighting their strengths and limitations in handling different characteristics of binary code. Additionally, the article suggests potential future research directions. As research and innovation in this technology continue to advance, binary code similarity detection is expected to play an increasingly significant role in fields like software security. [ABSTRACT FROM AUTHOR]

Published

2024

32. Data transmission channel protection organization in client-server software architecture.

Author

Krykunov, D.

Subjects

DATA transmission systems, ORGANIZATION management, CLIENT/SERVER computing, DATA encryption, DATA analysis

Abstract

The study is devoted to the organization of data transmission channel protection in software with a client-server architecture. In today's information environment, where data exchange takes place over the network, ensuring security becomes a critical task. The effectiveness of the data channel protection method in a client-server architecture program was developed and evaluated. A method has been developed that ensures encryption of messages from interception and data modification and prevents modification of the client software and abuse during its use. [ABSTRACT FROM AUTHOR]

Published

2024

33. Detecting SQL injection attacks by binary gray wolf optimizer and machine learning algorithms.

Author

Arasteh, Bahman, Aghaei, Babak, Farzad, Behnoud, Arasteh, Keyvan, Kiani, Farzad, and Torkamanian-Afshar, Mahsa

Subjects

*GREY Wolf Optimizer algorithm, *MACHINE learning, *ARTIFICIAL neural networks, *FEATURE selection, *DATABASES, *SQL, *WOLVES

Abstract

SQL injection is one of the important security issues in web applications because it allows an attacker to interact with the application's database. SQL injection attacks can be detected using machine learning algorithms. The effective features should be employed in the training stage to develop an optimal classifier with optimal accuracy. Identifying the most effective features is an NP-complete combinatorial optimization problem. Feature selection is the process of selecting the training dataset's smallest and most effective features. The main objective of this study is to enhance the accuracy, precision, and sensitivity of the SQLi detection method. In this study, an effective method to detect SQL injection attacks has been proposed. In the first stage, a specific training dataset consisting of 13 features was prepared. In the second stage, two different binary versions of the Gray-Wolf algorithm were developed to select the most effective features of the dataset. The created optimal datasets were used by different machine learning algorithms. Creating a new SQLi training dataset with 13 numeric features, developing two different binary versions of the gray wolf optimizer to optimally select the features of the dataset, and creating an effective and efficient classifier to detect SQLi attacks are the main contributions of this study. The results of the conducted tests indicate that the proposed SQL injection detector obtain 99.68% accuracy, 99.40% precision, and 98.72% sensitivity. The proposed method increases the efficiency of attack detection methods by selecting 20% of the most effective features. [ABSTRACT FROM AUTHOR]

Published

2024

34. There Are Infinite Ways to Formulate Code: How to Mitigate the Resulting Problems for Better Software Vulnerability Detection †.

Author

Groppe, Jinghua, Groppe, Sven, Senf, Daniel, and Möller, Ralf

Subjects

*COMPUTER security vulnerabilities, *NATURAL language processing, *DEEP learning, *PROCESS capability, *FASHION

Abstract

Given a set of software programs, each being labeled either as vulnerable or benign, deep learning technology can be used to automatically build a software vulnerability detector. A challenge in this context is that there are countless equivalent ways to implement a particular functionality in a program. For instance, the naming of variables is often a matter of the personal style of programmers, and thus, the detection of vulnerability patterns in programs is made difficult. Current deep learning approaches to software vulnerability detection rely on the raw text of a program and exploit general natural language processing capabilities to address the problem of dealing with different naming schemes in instances of vulnerability patterns. Relying on natural language processing, and learning how to reveal variable reference structures from the raw text, is often too high a burden, however. Thus, approaches based on deep learning still exhibit problems generating a detector with decent generalization properties due to the naming or, more generally formulated, the vocabulary explosion problem. In this work, we propose techniques to mitigate this problem by making the referential structure of variable references explicit in input representations for deep learning approaches. Evaluation results show that deep learning models based on techniques presented in this article outperform raw text approaches for vulnerability detection. In addition, the new techniques also induce a very small main memory footprint. The efficiency gain of memory usage can be up to four orders of magnitude compared to existing methods as our experiments indicate. [ABSTRACT FROM AUTHOR]

Published

2024

35. Vulnerability analysis based on Software Bill of Materials (SBOM): A model proposal for automated vulnerability scanning for CI/CD pipelines.

Author

Kağızmandere, Omercan and Arslan, Halil

Subjects

*SUPPLY chain management software, *COMPUTER security vulnerabilities, *PENETRATION testing (Computer security), *COMPUTER software security, *INTERNET security

Abstract

The software bill of materials (SBOM) emerged in 2018 as an important component in software security and software supply chain management. SBOM is an inventory presented as a list of the components that make up software. In recent years, whether software products contain vulnerabilities is a phenomenon that should be checked regularly by the users of that product. This paper deals with the systematic identification and vulnerability analysis of software components based on the concept of software bill of materials. The fact that a software product itself does not contain vulnerabilities does not mean that the software product is secure. Even if software projects do not contain any vulnerabilities when examined alone, there may be vulnerabilities in their components. Vulnerabilities in the dependencies or components of the product may be sufficient for cyber attackers to exploit that product. Minimizing the damage caused by vulnerabilities in software components is the basis of cyber security efforts. In this study, the necessity of automatically generating software bill of materials in software development/deployment environments and performing vulnerability analysis on this bill of materials is demonstrated and a suitable model is proposed. [ABSTRACT FROM AUTHOR]

Published

2024

36. FFRA: A Fine-Grained Function-Level Framework to Reduce the Attack Surface.

Author

Zhang, Xingxing, Liu, Liang, Fan, Yu, and Zhou, Qian

Subjects

COMPUTER software, ANTIVIRUS software, ELECTROENCEPHALOGRAPHY, COMPUTER security, SECURITY systems

Abstract

System calls are essential interfaces that enable applications to access and utilize the operating system's services and resources. Attackers frequently exploit application's vulnerabilities and misuse system calls to execute malicious code, aiming to elevate privileges and so on. Consequently, restricting the misuse of system calls becomes a crucial measure in ensuring system security. It is an effective method known as reducing the attack surface. Existing attack surface reduction techniques construct a global whitelist of system calls for the entire lifetime of the application, which is coarse-grained. In this paper, we propose a Fine-grained Function-level framework to Reduce the Attack surface (FFRA). FFRA employs software static analysis to obtain the function call graph of the application. Combining the graph with a mapping of library functions generates each function's legitimate system calls. As far as we know, it is the first approach to construct the whitelist of system calls for each function of the application. We have implemented a prototype of FFRA and evaluated its effectiveness with six popular server applications. The experimental results show that it disables 33% more system calls compared to existing approaches while detecting 15% more shellcode vulnerabilities. Our framework outperforms existing models by defending against a broader range of attacks. Integrated into antivirus software and intrusion prevention systems, FFRA could effectively counter malware by precisely restricting system calls. [ABSTRACT FROM AUTHOR]

Published

2024

37. Vulnerability detection in Java source code using a quantum convolutional neural network with self-attentive pooling, deep sequence, and graph-based hybrid feature extraction.

Author

Hussain, Shumaila, Nadeem, Muhammad, Baber, Junaid, Hamdi, Mohammed, Rajab, Adel, Al Reshan, Mana Saleh, and Shaikh, Asadullah

Subjects

CONVOLUTIONAL neural networks, DEEP learning, FEATURE extraction, SOURCE code, COMPUTER security vulnerabilities, FLOWGRAPHS

Abstract

Software vulnerabilities pose a significant threat to system security, necessitating effective automatic detection methods. Current techniques face challenges such as dependency issues, language bias, and coarse detection granularity. This study presents a novel deep learning-based vulnerability detection system for Java code. Leveraging hybrid feature extraction through graph and sequence-based techniques enhances semantic and syntactic understanding. The system utilizes control flow graphs (CFG), abstract syntax trees (AST), program dependencies (PD), and greedy longest-match first vectorization for graph representation. A hybrid neural network (GCN-RFEMLP) and the pre-trained CodeBERT model extract features, feeding them into a quantum convolutional neural network with self-attentive pooling. The system addresses issues like long-term information dependency and coarse detection granularity, employing intermediate code representation and inter-procedural slice code. To mitigate language bias, a benchmark software assurance reference dataset is employed. Evaluations demonstrate the system's superiority, achieving 99.2% accuracy in detecting vulnerabilities, outperforming benchmark methods. The proposed approach comprehensively addresses vulnerabilities, including improper input validation, missing authorizations, buffer overflow, cross-site scripting, and SQL injection attacks listed by common weakness enumeration (CWE). [ABSTRACT FROM AUTHOR]

Published

2024

38. Security risks of global software development life cycle: Industry practitioner's perspective.

Author

Khan, Rafiq Ahmad, Khan, Siffat Ullah, Akbar, Muhammad Azeem, and Alzahrani, Musaad

Subjects

*COMPUTER software development, *ANALYTIC hierarchy process, *COMPUTER software security, *COMPUTER systems, *BUSINESS software

Abstract

Software security has become increasingly important because the malicious attack and other hacker risks of a computer system have grown popularity in the last few years. As a result, several researchers have examined security solutions as early as the requirement engineering phase. With the growth of the software business and the internet, there is a need to understand the security risks against each phase of the software development life cycle (SDLC). This study aims to empirically investigate and prioritize the risks that could negatively impact the software security aspects of SDLC in the context of global software development (GSD). To achieve the study objectives, we conducted an industrial empirical study to determine the impact of software security threats against each phase of SDLC. Furthermore, the fuzzy analytical hierarchy process (FAHP) was used to prioritize the list of software security risks against the SDLC. The results and analysis of this study provide a ranked‐based decision‐making framework, which assists the practitioners in considering the most critical security risks on priority. The results show "improper plan for secure requirement identification, inception, authentication, authorization, and privacy," "lack of threat models updating," "lack of output validation," "lack of certification in the final release and archive," and "spoofing" as the top‐ranked security risks of SDLC in GSD. In addition, the application of FAHP is novel in this domain as it is helpful to address multicriteria decision‐making problems. [ABSTRACT FROM AUTHOR]

Published

2024

39. Vision Transformer Inspired Automated Vulnerability Repair.

Author

Fu, Michael, Nguyen, Van, Tantithamthavorn, Chakkrit, Phung, Dinh, and Le, Trung

Subjects

TRANSFORMER models, OBJECT recognition (Computer vision), COMPUTER vision, COMPUTER software security, REPAIRING

Abstract

Recently, automated vulnerability repair approaches have been widely adopted to combat increasing software security issues. In particular, transformer-based encoder-decoder models achieve competitive results. Whereas vulnerable programs may only consist of a few vulnerable code areas that need repair, existing AVR approaches lack a mechanism guiding their model to pay more attention to vulnerable code areas during repair generation. In this article, we propose a novel vulnerability repair framework inspired by the Vision Transformer based approaches for object detection in the computer vision domain. Similar to the object queries used to locate objects in object detection in computer vision, we introduce and leverage vulnerability queries (VQs) to locate vulnerable code areas and then suggest their repairs. In particular, we leverage the cross-attention mechanism to achieve the cross-match between VQs and their corresponding vulnerable code areas. To strengthen our cross-match and generate more accurate vulnerability repairs, we propose to learn a novel vulnerability mask (VM) and integrate it into decoders' cross-attention, which makes our VQs pay more attention to vulnerable code areas during repair generation. In addition, we incorporate our VM into encoders' self-attention to learn embeddings that emphasize the vulnerable areas of a program. Through an extensive evaluation using the real-world 5,417 vulnerabilities, our approach outperforms all of the automated vulnerability repair baseline methods by 2.68% to 32.33%. Additionally, our analysis of the cross-attention map of our approach confirms the design rationale of our VM and its effectiveness. Finally, our survey study with 71 software practitioners highlights the significance and usefulness of AI-generated vulnerability repairs in the realm of software security. The training code and pre-trained models are available at https://github.com/awsm-research/VQM. [ABSTRACT FROM AUTHOR]

Published

2024

40. MACHINE LEARNING FOR SOFTWARE SECURITY TESTING.

Author

Moric, Zlatan, Halic, Jelena, and Regvart, Damir

Subjects

*COMPUTER software security, *COMPUTER software management, *COMPUTER software testing, *SECURITY systems, *ELECTRIC machines

Abstract

The incorporation of machine learning (ML) into software security testing has become a crucial advancement due to the increasing prevalence of sophisticated cyber-attacks. This integration offers substantial improvements compared to conventional security methods. This article provides a thorough analysis of machine learning methods used to enhance the detection, classification, and management of software vulnerabilities. We explore diverse machine learning techniques and assess their efficacy in automating and improving security operations in various cybersecurity scenarios. The research focuses on analysing the achievements and difficulties faced while training machine learning models for tasks like identifying vulnerabilities and optimizing security controls. This analysis is based on empirical data obtained from current case studies. In addition, we assess crucial areas that require enhancement and suggest strategic approaches for future study with the goal of maximizing the influence of machine learning on software security. This work contributes by doing a thorough investigation of the role of machine learning (ML) in cybersecurity. It presents a convincing argument for the incorporation of ML into security measures to improve their effectiveness. [ABSTRACT FROM AUTHOR]

Published

2024

41. Delegation-Based Agile Secure Software Development Approach for Small and Medium-Sized Businesses

Author

Anze Mihelic, Simon Vrhovec, Blaz Markelj, and Tomaz Hovelja

Subjects

Software security, secure software engineering (SSE), engineering of secure software (ESS), lean, software development management, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Software engineering often follows a particular methodology. Throughout the software development industry, an increasing share of enterprises follow agile principles. However, engineering adequately secure software, even though required by some international standards, remains challenging. That is particularly true when enterprises use agile approaches. Additionally, existing agile, secure software engineering approaches proposed in the literature are poorly suited for small and medium-sized enterprises (SMEs). While some suggest permanently embedding security in agile, these solutions are rigid and often limited to specific methods like Scrum or Extreme Programming. This paper introduces a situational agile approach for secure software development, namely ATTRACT, which does not require a particular method to be used by the development team and is designed as a temporary add-on to the existing method. It takes a software development method used by an enterprise as is and builds on it. It is designed to incrementally enhance security knowledge and awareness within the development team; thus, it is especially suited for SMEs. The approach was tested in a real-world longitudinal multiple-case study. The results indicate that this approach enhanced security awareness, improved code quality, and encouraged tailored security implementations. Although results indicate an adaptation phase, teams generally found that the approach met their expectations.

Published

2024

42. Automated Intel SGX Integration for Enhanced Application Security

Author

Leonardo Regano and Daniele Canavese

Subjects

SGX, software security, static analysis, TEE, usable security, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Nowadays, many chip manufacturers offer various Trusted Execution Environment (TEE) implementations to protect the critical data and the algorithms in hardware. One of Intel’s answers to the TEE race is SGX (Software Guard Extensions), which enables the creation of hardware-encrypted memory areas known as enclaves. Although it promises a high-security level, it still requires expertise, effort, and time to convert a traditional application into an SGX-enabled one. This paper proposes a novel approach to generate enclaves from existing C/C++ applications automatically. Our strategy involves annotating the sensitive code to be protected, which is then statically analyzed and modified to comply with all the SGX requirements. Our approach does not require the user’s prior knowledge of the SGX platform. The framework automatically identifies and implements all the required modifications of the target application source code to make it compatible with the SGX toolchain. In addition, it is fast and can port big applications containing hundreds of functions in mere minutes, as we proved experimentally.

Published

2024

43. On the Code Vulnerability Detection Based on Deep Learning: A Comparative Study

Author

Guiping Li and Yege Yang

Subjects

Software security, deep learning, program analysis, automated static analysis, code vulnerability detection, vulnerability mining, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Deep learning is one of the important methods to detect and fix vulnerabilities in software programs. How to represent code information and how to use artificial intelligence methods to learn and understand code semantics and other information are crucial points in this method. Vulnerability mining analysis based on source code is usually combined with compiler-related techniques to abstract program representations through lexical, syntactic, and semantic analyses, and further combined with data flow analysis, control flow analysis, static symbolic execution, and other techniques to verify the existence of vulnerabilities and identify the location of code defects. To compare the abilities of vulnerability detection methods, we first categorize vulnerability detection methods into two main types based on different intermediate representations: sequence-based and graph-based methods. And then, we further divide sequence-based methods into four categories and distinguish graph-based methods based on whether they employ slicing techniques. Following, through the analysis of specific examples, we compare the advantages and disadvantages of these two methods, and explore the differences and similarities in the neural networks they use. Lastly, we conduct a comparative analysis of the datasets used in the mentioned methods, highlight some challenges in this field, and present our thoughts on potential research directions.

Published

2024

44. How secure is AI-generated code: a large-scale comparison of large language models

Author

Tihanyi, Norbert, Bisztray, Tamas, Ferrag, Mohamed Amine, Jain, Ridhi, and Cordeiro, Lucas C.

Published

2025

45. Estimating vulnerability metrics with word embedding and multiclass classification methods.

Author

Kekül, Hakan, Ergen, Burhan, and Arslan, Halil

Subjects

*COMPUTER security vulnerabilities, *COMPUTER software security, *INTERNET security, *DATABASES, *CLASSIFICATION algorithms, *NATURAL language processing

Abstract

Cyber security has an increasing importance since the day when information technologies are an invariable part of modern human life. One of the fundamental areas of cyber security is the concept of software security. Security vulnerabilities in software are one of the main reasons for the exploitation of information systems. For this reason, it has been systematically reported, analyzed and classified for a long time, with a protocol established between the states and the stakeholders of the issue at the level. All these processes are carried out manually by humans today. This situation causes errors and delays caused by human nature. Therefore, the current study aims to help the experts and increase the accuracy of the analysis results by speeding up the processes. To achieve this goal, a model is proposed that uses technical explanations of security reports written in natural language. Our model basically proposes a method that uses word embedding approaches and multi-class classification algorithms from natural language processing techniques. In order to compare the proposed model more accurately, the NVD database, which is open to everyone and accepted as a reference, was chosen. In addition, previous studies in the literature and the model we propose were compared. In order for the results of the compared models to be analyzed more accurately, our model was trained with the data sets of the studies it was compared and the results were presented clearly. The proposed method showed estimation success in the range of 87.34–96.25% for CVSS 2.0 metrics, and in the range of 84–90% for CVSS 3.1. This study, in which different word embedding and classification algorithms are used together, is one of the limited studies on the latest version of the official scoring system used for classification of software security vulnerabilities. Moreover, it is the most comprehensive and original study in its field due to the size of the dataset it uses and the number of databases evaluated. [ABSTRACT FROM AUTHOR]

Published

2024

46. BiT5: A Bidirectional NLP Approach for Advanced Vulnerability Detection in Codebase.

Author

GS, Prabith, M, Rohit Narayanan, A, Arya, R, Aneesh Nadh, and PK, Binu

Subjects

NATURAL language processing, COMPUTER software security

Abstract

In this research paper, a detailed investigation presents the utilization of the BiT5 Bidirectional NLP model for detecting vulnerabilities within codebases. The study addresses the pressing need for techniques enhancing software security by effectively identifying vulnerabilities. Methodologically, the paper introduces BiT5, specifically designed for code analysis and vulnerability detection, encompassing dataset collection, preprocessing steps, and model fine-tuning. The key findings underscore BiT5's efficacy in pinpointing vulnerabilities within code snippets, notably reducing both false positives and false negatives. This research contributes by offering a methodology for leveraging BiT5 in vulnerability detection, thus significantly bolstering software security and mitigating risks associated with code vulnerabilities. [ABSTRACT FROM AUTHOR]

Published

2024

47. Shadow IT in higher education: survey and case study for cybersecurity.

Author

Orr, Selma Gomez, Bonyadi, Cyrus Jian, Golaszewski, Enis, Sherman, Alan T., Peterson, Peter A. H., Forno, Richard, Johns, Sydney, and Rodriguez, Jimmy

Subjects

*INFORMATION technology, *INFORMATION technology security, *COMPUTERS, *HIGHER education, *INTERNET security

Abstract

We explore shadow information technology (IT) at institutions of higher education through a two-tiered approach involving a detailed case study and comprehensive survey of IT professionals. In its many forms, shadow IT is the software or hardware present in a computer system or network that lies outside the typical review process of the responsible IT unit. We carry out a case study of an internally built legacy grants management system at the University of Maryland, Baltimore County that exemplifies the vulnerabilities, including cross-site scripting and SQL injection, typical of such unauthorized and ad-hoc software. We also conduct a survey of IT professionals at universities, colleges, and community colleges that reveals new and actionable information regarding the prevalence, usage patterns, types, benefits, and risks of shadow IT at their respective institutions. Further, we propose a security-based profile of shadow IT, involving a subset of elements from existing shadow IT taxonomies, which categorizes shadow IT from a security perspective. Based on this profile, survey respondents identified the predominant form of shadow IT at their institutions, revealing close similarities to findings from our case study. Through this work, we are the first to identify possible susceptibility factors associated with the occurrence of shadow IT related security incidents within academic institutions. Correlations of significance include the presence of certain graduate schools, the level of decentralization of the IT department, the types of shadow IT present, the percentage of security violations related to shadow IT, and the institution's overall attitude toward shadow IT. The combined elements of our case study, profile, and survey provide the first multifaceted view of shadow IT security at academic institutions, highlighting tension between its risks and benefits, and suggesting strategies for managing it successfully. [ABSTRACT FROM AUTHOR]

Published

2024

48. CODESENTRY: REVOLUTIONIZING REAL-TIME SOFTWARE VULNERABILITY DETECTION WITH OPTIMIZED GPT FRAMEWORK.

Author

JONES, Angel and OMAR, Marwan

Subjects

*COMPUTER security vulnerabilities, *GENERATIVE pre-trained transformers, *DEEP learning, *CONVOLUTIONAL neural networks, *LANGUAGE models

Abstract

The escalating complexity and sophistication of software vulnerabilities demand innovative approaches in cybersecurity. This study introduces a groundbreaking framework, named "CodeSentry", employing a transformer-based model for vulnerability detection in software code. "CodeSentry" leverages a finely-tuned version of the Generative Pre-trained Transformer (GPT), optimized for pinpointing vulnerable code patterns across various benchmark datasets. This approach stands apart by its remarkable computational efficiency, making it suitable for real-time applications - a significant advancement over traditional, resource-intensive deep learning models like CNNs and LSTMs. Empirical results showcase "CodeSentry" achieving an impressive 92.65% accuracy in vulnerability detection, surpassing existing state-of-the-art methods such as SyseVR and VulDeBERT. This novel methodology marks a paradigm shift in vulnerability detection, blending advanced AI with practical application efficiency. [ABSTRACT FROM AUTHOR]

Published

2024

49. Security vulnerabilities in healthcare: an analysis of medical devices and software.

Author

Mejía-Granda, Carlos M., Fernández-Alemán, José L., Carrillo-de-Gea, Juan M., and García-Berná, José A.

Subjects

*COMPUTER security vulnerabilities, *HEALTH care industry, *MEDICAL software, *ELECTRONIC health records, *DATABASES, *MEDICAL equipment

Abstract

The integration of IoT in healthcare has introduced vulnerabilities in medical devices and software, posing risks to patient safety and system integrity. This study aims to bridge the research gap and provide valuable insights for addressing healthcare vulnerabilities and their mitigation mechanisms. Software vulnerabilities related to health systems from 2001 to 2022 were collected from the National Vulnerability Database (NVD) systematized by software developed by the researchers and assessed by a medical specialist for their impact on patient well-being. The analysis revealed electronic health records, wireless infusion pumps, endoscope cameras, and radiology information systems as the most vulnerable. In addition, critical vulnerabilities were identified, including poor credential management and hard-coded credentials. The investigation provides some insights into the consequences of vulnerabilities in health software products, projecting future security issues by 2025, offers mitigation suggestions, and highlights trends in attacks on life support and health systems are also provided. The healthcare industry needs significant improvements in protecting medical devices from cyberattacks. Securing communication channels and network schema and adopting secure software practices is necessary. In addition, collaboration, regulatory adherence, and continuous security monitoring are crucial. Industries, researchers, and stakeholders can utilize these findings to enhance security and safeguard patient safety. [ABSTRACT FROM AUTHOR]

Published

2024

50. Fuzzing: Progress, Challenges, and Perspectives.

Author

Zhenhua Yu, Zhengqi Liu, Xuya Cong, Xiaobo Li, and Li Yin

Subjects

COMPUTER software security, RESEARCH personnel, COMPUTER software testing

Abstract

As one of the most effective techniques for finding software vulnerabilities, fuzzing has become a hot topic in software security. It feeds potentially syntactically or semantically malformed test data to a target program to mine vulnerabilities and crash the system. In recent years, considerable efforts have been dedicated by researchers and practitioners towards improving fuzzing, so there aremore and more methods and forms, whichmake it difficult to have a comprehensive understanding of the technique. This paper conducts a thorough survey of fuzzing, focusing on its general process, classification, common application scenarios, and some state-of-the-art techniques that have been introduced to improve its performance. Finally, this paper puts forward key research challenges and proposes possible future research directions that may provide new insights for researchers. [ABSTRACT FROM AUTHOR]

Published

2024