Deep Learning Aided Software Vulnerability Detection: A Survey

• URL: http://arxiv.org/abs/2503.04002v1
• Date: Thu, 06 Mar 2025 01:35:16 GMT
• Title: Deep Learning Aided Software Vulnerability Detection: A Survey
• Authors: Md Nizam Uddin, Yihe Zhang, Xiali Hei,
• Abstract summary: The pervasive nature of software vulnerabilities has emerged as a primary factor for the surge in cyberattacks.<n>Deep learning (DL) methods excel at automatically learning and identifying complex patterns in code.<n>This survey analyzes 34 relevant studies from high-impact journals and conferences between 2017 and 2024.
• Score: 3.4396557936415686
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: The pervasive nature of software vulnerabilities has emerged as a primary factor for the surge in cyberattacks. Traditional vulnerability detection methods, including rule-based, signature-based, manual review, static, and dynamic analysis, often exhibit limitations when encountering increasingly complex systems and a fast-evolving attack landscape. Deep learning (DL) methods excel at automatically learning and identifying complex patterns in code, enabling more effective detection of emerging vulnerabilities. This survey analyzes 34 relevant studies from high-impact journals and conferences between 2017 and 2024. This survey introduces the conceptual framework Vulnerability Detection Lifecycle for the first time to systematically analyze and compare various DL-based vulnerability detection methods and unify them into the same analysis perspective. The framework includes six phases: (1) Dataset Construction, (2) Vulnerability Granularity Definition, (3) Code Representation, (4) Model Design, (5) Model Performance Evaluation, and (6) Real-world Project Implementation. For each phase of the framework, we identify and explore key issues through in-depth analysis of existing research while also highlighting challenges that remain inadequately addressed. This survey provides guidelines for future software vulnerability detection, facilitating further implementation of deep learning techniques applications in this field.

Related papers

• Context-Enhanced Vulnerability Detection Based on Large Language Model [17.922081397554155]
  We propose a context-enhanced vulnerability detection approach that combines program analysis with large language models. Specifically, we use program analysis to extract contextual information at various levels of abstraction, thereby filtering out irrelevant noise. Our goal is to strike a balance between providing sufficient detail to accurately capture vulnerabilities and minimizing unnecessary complexity.
  arXiv  Detail & Related papers  (2025-04-23T16:54:16Z)
• LLMs in Software Security: A Survey of Vulnerability Detection Techniques and Insights [12.424610893030353]
  Large Language Models (LLMs) are emerging as transformative tools for software vulnerability detection.<n>This paper provides a detailed survey of LLMs in vulnerability detection.<n>We address challenges such as cross-language vulnerability detection, multimodal data integration, and repository-level analysis.
  arXiv  Detail & Related papers  (2025-02-10T21:33:38Z)
• SoK: On Closing the Applicability Gap in Automated Vulnerability Detection [0.18846515534317265]
  Automated Vulnerability Detection (AVD) aims to autonomously analyze source code to identify vulnerabilities.<n>This paper addresses two primary research questions: How is current AVD research distributed across its core components, and what key areas should future research target to bridge the gap in the practical applicability of AVD throughout software development?<n>We conduct a systematization over 79 AVD articles and 17 empirical studies, analyzing them across five core components: task formulation and granularity, input programming languages and representations, detection approaches and key solutions, evaluation metrics and datasets, and reported performance.
  arXiv  Detail & Related papers  (2024-12-15T14:01:41Z)
• Understanding the Effectiveness of Coverage Criteria for Large Language Models: A Special Angle from Jailbreak Attacks [10.909463767558023]
  Large language models (LLMs) have revolutionized artificial intelligence, but their deployment across critical domains has raised concerns about their abnormal behaviors when faced with malicious attacks.<n>In this paper, we conduct a comprehensive empirical study to evaluate the effectiveness of traditional coverage criteria in identifying such inadequacies.<n>We develop a real-time jailbreak detection mechanism that achieves high accuracy (93.61% on average) in classifying queries as normal or jailbreak.
  arXiv  Detail & Related papers  (2024-08-27T17:14:21Z)
• A Survey and Evaluation of Adversarial Attacks for Object Detection [11.48212060875543]
  Deep learning models are vulnerable to adversarial examples that can deceive them into making confident but incorrect predictions. This vulnerability pose significant risks in high-stakes applications such as autonomous vehicles, security surveillance, and safety-critical inspection systems. This paper presents a novel taxonomic framework for categorizing adversarial attacks specific to object detection architectures.
  arXiv  Detail & Related papers  (2024-08-04T05:22:08Z)
• Deep Learning-Based Object Pose Estimation: A Comprehensive Survey [73.74933379151419]
  We discuss the recent advances in deep learning-based object pose estimation. Our survey also covers multiple input data modalities, degrees-of-freedom of output poses, object properties, and downstream tasks.
  arXiv  Detail & Related papers  (2024-05-13T14:44:22Z)
• Object Detectors in the Open Environment: Challenges, Solutions, and Outlook [95.3317059617271]
  The dynamic and intricate nature of the open environment poses novel and formidable challenges to object detectors. This paper aims to conduct a comprehensive review and analysis of object detectors in open environments. We propose a framework that includes four quadrants (i.e., out-of-domain, out-of-category, robust learning, and incremental learning) based on the dimensions of the data / target changes.
  arXiv  Detail & Related papers  (2024-03-24T19:32:39Z)
• A Survey on Automated Software Vulnerability Detection Using Machine Learning and Deep Learning [19.163031235081565]
  Machine Learning (ML) and Deep Learning (DL) based models for detecting vulnerabilities in source code have been presented in recent years. It may be difficult to discover gaps in existing research and potential for future improvement without a comprehensive survey. This work address that gap by presenting a systematic survey to characterize various features of ML/DL-based source code level software vulnerability detection approaches.
  arXiv  Detail & Related papers  (2023-06-20T16:51:59Z)
• Improving robustness of jet tagging algorithms with adversarial training [56.79800815519762]
  We investigate the vulnerability of flavor tagging algorithms via application of adversarial attacks. We present an adversarial training strategy that mitigates the impact of such simulated attacks.
  arXiv  Detail & Related papers  (2022-03-25T19:57:19Z)
• Weakly Supervised Object Localization and Detection: A Survey [145.5041117184952]
  weakly supervised object localization and detection plays an important role for developing new generation computer vision systems. We review (1) classic models, (2) approaches with feature representations from off-the-shelf deep networks, (3) approaches solely based on deep learning, and (4) publicly available datasets and standard evaluation metrics that are widely used in this field. We discuss the key challenges in this field, development history of this field, advantages/disadvantages of the methods in each category, relationships between methods in different categories, applications of the weakly supervised object localization and detection methods, and potential future directions to further promote the development of this research field
  arXiv  Detail & Related papers  (2021-04-16T06:44:50Z)
• Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
  Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
  arXiv  Detail & Related papers  (2020-10-19T13:09:31Z)
• Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process [63.75363908696257]
  We review the methods that have been applied to network data with the purpose of developing an intrusion detector. We discuss the techniques used for the capture, preparation and transformation of the data, as well as, the data mining and evaluation methods. As a result of this literature review, we investigate some open issues which will need to be considered for further research in the area of network security.
  arXiv  Detail & Related papers  (2020-01-27T11:21:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.