KIEE - The Transactions P of the Korean Institute of Electrical Engineers

Mobile QR Code QR CODE : The Transactions P of the Korean Institute of Electrical Engineers

QR CODE : The Transactions P of the Korean Institute of Electrical Engineers

The Transactions P of the Korean Institute of Electrical Engineers

Korean Journal of Air-Conditioning and Refrigeration Engineering

ISO Journal TitleTrans. P of KIEE

Indexed by
Korea Citation Index(KCI)

Main Menu

Journal Search

XML PDF INFO REF


Title	Automatic Detection of Software Security Vulnerabilities
Authors	김성민(Sung-Min Kim) ; 김동관(Dong Kwan Kim)
DOI	https://doi.org/10.5370/KIEEP.2021.70.3.157
Page	pp.157-162
ISSN	1229-800X
Keywords	Security Vulnerability; Deep Learning; Common Vulnerabilities and Exposures (CVE); Code Changes
Abstract	Software vulnerability refers to the characteristic that software can be exploited by attackers. Unauthorized actions can cause economic loss or damage to human life. Therefore, security vulnerabilities should be managed to prevent a malfunction of a software system. This paper provides a deep learning-based system that automatically detects software security vulnerabilities. The proposed detection system builds datasets with vulnerable and non-vulnerable functions for a supervised learning model. These datasets are collected from the CVE databases and GitHub repositories. The automation detection model achieved a high f1-score of 98%. Furthermore, the proposed model showed better classification performance than traditonal machine learning algorithms

Copyright © KIEE All right's reserved

This is an Open-Access article distributed under the terms of the Creative Commons Attribution Non-Commercial License (http://creativecommons.org/licenses/by-nc/3.0/) which permits unrestricted non-commercial use, distribution and reproduction in any medium, provided the original work is property cited.