SoK: Towards Effective Automated Vulnerability Repair

• URL: http://arxiv.org/abs/2501.18820v1
• Date: Fri, 31 Jan 2025 00:35:55 GMT
• Title: SoK: Towards Effective Automated Vulnerability Repair
• Authors: Ying Li, Faysal hossain shezan, Bomin wei, Gang Wang, Yuan Tian,
• Abstract summary: The increasing prevalence of software vulnerabilities necessitates automated vulnerability repair (AVR) techniques. This Systematization of Knowledge (SoK) provides a comprehensive overview of the landscape, encompassing both synthetic and real-world vulnerabilities.
• Score: 11.028015952491991
• License:
• Abstract: The increasing prevalence of software vulnerabilities necessitates automated vulnerability repair (AVR) techniques. This Systematization of Knowledge (SoK) provides a comprehensive overview of the AVR landscape, encompassing both synthetic and real-world vulnerabilities. Through a systematic literature review and quantitative benchmarking across diverse datasets, methods, and strategies, we establish a taxonomy of existing AVR methodologies, categorizing them into template-guided, search-based, constraint-based, and learning-driven approaches. We evaluate the strengths and limitations of these approaches, highlighting common challenges and practical implications. Our comprehensive analysis of existing AVR methods reveals a diverse landscape with no single ``best'' approach. Learning-based methods excel in specific scenarios but lack complete program understanding, and both learning and non-learning methods face challenges with complex vulnerabilities. Additionally, we identify emerging trends and propose future research directions to advance the field of AVR. This SoK serves as a valuable resource for researchers and practitioners, offering a structured understanding of the current state-of-the-art and guiding future research and development in this critical domain.

Related papers

• A Survey on Vulnerability Prioritization: Taxonomy, Metrics, and Research Challenges [20.407534993667607]
  Resource constraints necessitate effective vulnerability prioritization strategies. This paper introduces a novel taxonomy that categorizes metrics into severity, exploitability, contextual factors, predictive indicators, and aggregation methods.
  arXiv  Detail & Related papers  (2025-02-16T10:33:37Z)
• Survey on AI-Generated Media Detection: From Non-MLLM to MLLM [51.91311158085973]
  Methods for detecting AI-generated media have evolved rapidly. General-purpose detectors based on MLLMs integrate authenticity verification, explainability, and localization capabilities. Ethical and security considerations have emerged as critical global concerns.
  arXiv  Detail & Related papers  (2025-02-07T12:18:20Z)
• Online Continual Learning: A Systematic Literature Review of Approaches, Challenges, and Benchmarks [1.3631535881390204]
  Online Continual Learning (OCL) is a critical area in machine learning. This study conducts the first comprehensive Systematic Literature Review on OCL.
  arXiv  Detail & Related papers  (2025-01-09T01:03:14Z)
• A Survey on All-in-One Image Restoration: Taxonomy, Evaluation and Future Trends [67.43992456058541]
  Image restoration (IR) refers to the process of improving visual quality of images while removing degradation, such as noise, blur, weather effects, and so on. Traditional IR methods typically target specific types of degradation, which limits their effectiveness in real-world scenarios with complex distortions. The all-in-one image restoration (AiOIR) paradigm has emerged, offering a unified framework that adeptly addresses multiple degradation types.
  arXiv  Detail & Related papers  (2024-10-19T11:11:09Z)
• A Systematic Review of Edge Case Detection in Automated Driving: Methods, Challenges and Future Directions [0.3871780652193725]
  This paper presents a practical, hierarchical review and systematic classification of edge case detection and assessment methodologies. Our classification is structured on two levels: first, categorizing detection approaches according to AV modules, including perception-related and trajectory-related edge cases. We introduce a new class called "knowledge-driven" approaches, which is largely overlooked in the literature.
  arXiv  Detail & Related papers  (2024-10-11T03:32:20Z)
• Dynamic Vulnerability Criticality Calculator for Industrial Control Systems [0.0]
  This paper introduces an innovative approach by proposing a dynamic vulnerability criticality calculator. Our methodology encompasses the analysis of environmental topology and the effectiveness of deployed security mechanisms. Our approach integrates these factors into a comprehensive Fuzzy Cognitive Map model, incorporating attack paths to holistically assess the overall vulnerability score.
  arXiv  Detail & Related papers  (2024-03-20T09:48:47Z)
• Opening the Black-Box: A Systematic Review on Explainable AI in Remote Sensing [51.524108608250074]
  Black-box machine learning approaches have become a dominant modeling paradigm for knowledge extraction in remote sensing. We perform a systematic review to identify the key trends in the field and shed light on novel explainable AI approaches. We also give a detailed outlook on the challenges and promising research directions.
  arXiv  Detail & Related papers  (2024-02-21T13:19:58Z)
• Embedding in Recommender Systems: A Survey [67.67966158305603]
  A crucial aspect is embedding techniques that covert the high-dimensional discrete features, such as user and item IDs, into low-dimensional continuous vectors. Applying embedding techniques captures complex entity relationships and has spurred substantial research. This survey covers embedding methods like collaborative filtering, self-supervised learning, and graph-based techniques.
  arXiv  Detail & Related papers  (2023-10-28T06:31:06Z)
• A Discrepancy Aware Framework for Robust Anomaly Detection [51.710249807397695]
  We present a Discrepancy Aware Framework (DAF), which demonstrates robust performance consistently with simple and cheap strategies. Our method leverages an appearance-agnostic cue to guide the decoder in identifying defects, thereby alleviating its reliance on synthetic appearance. Under the simple synthesis strategies, it outperforms existing methods by a large margin. Furthermore, it also achieves the state-of-the-art localization performance.
  arXiv  Detail & Related papers  (2023-10-11T15:21:40Z)
• A Survey of Graph Unlearning [12.86327535559885]
  Graph unlearning provides the means to remove sensitive data traces from trained models, upholding the right to be forgotten. We present the first systematic review of graph unlearning approaches, encompassing a diverse array of methodologies. We explore the versatility of graph unlearning across various domains, including but not limited to social networks, recommender systems, and resource-constrained environments like the Internet of Things.
  arXiv  Detail & Related papers  (2023-08-23T20:50:52Z)
• GLUECons: A Generic Benchmark for Learning Under Constraints [102.78051169725455]
  In this work, we create a benchmark that is a collection of nine tasks in the domains of natural language processing and computer vision. We model external knowledge as constraints, specify the sources of the constraints for each task, and implement various models that use these constraints.
  arXiv  Detail & Related papers  (2023-02-16T16:45:36Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.