Top Score on the Wrong Exam: On Benchmarking in Machine Learning for Vulnerability Detection | AIセキュリティポータル

EN

JA

EN

TOP 文献データベース Top Score on the Wrong Exam: On Benchmarking in Machine Learning for Vulnerability Detection

arxiv

Top Score on the Wrong Exam: On Benchmarking in Machine Learning for Vulnerability Detection

AIセキュリティポータルbot

文献データベースの情報は、自動的に収集されています。

Source

https://arxiv.org/abs/2408.12986

PDF

https://arxiv.org/pdf/2408.12986

文献情報

作者: Niklas Risse,Jing Liu,Marcel Böhme
公開日: 2024-8-23
更新日: 2025-4-23
所属機関: MPI-SP
所属の国: Germany
会議名: Proc. ACM Softw. Eng.

AIにより推定されたラベル

脆弱性管理評価手法セキュリティ分析

※ こちらのラベルはAIによって自動的に追加されました。そのため、正確でないことがあります。
詳細は文献データベースについてをご覧ください。

Abstract

According to our survey of machine learning for vulnerability detection (ML4VD), 9 in every 10 papers published in the past five years define ML4VD as a function-level binary classification problem: Given a function, does it contain a security flaw? From our experience as security researchers, faced with deciding whether a given function makes the program vulnerable to attacks, we would often first want to understand the context in which this function is called. In this paper, we study how often this decision can really be made without further context and study both vulnerable and non-vulnerable functions in the most popular ML4VD datasets. We call a function "vulnerable" if it was involved in a patch of an actual security flaw and confirmed to cause the program's vulnerability. It is "non-vulnerable" otherwise. We find that in almost all cases this decision cannot be made without further context. Vulnerable functions are often vulnerable only because a corresponding vulnerability-inducing calling context exists while non-vulnerable functions would often be vulnerable if a corresponding context existed. But why do ML4VD techniques achieve high scores even though there is demonstrably not enough information in these samples? Spurious correlations: We find that high scores can be achieved even when only word counts are available. This shows that these datasets can be exploited to achieve high scores without actually detecting any security vulnerabilities. We conclude that the prevailing problem statement of ML4VD is ill-defined and call into question the internal validity of this growing body of work. Constructively, we call for more effective benchmarking methodologies to evaluate the true capabilities of ML4VD, propose alternative problem statements, and examine broader implications for the evaluation of machine learning and programming analysis research.

外部データセット

BigVul

Devign

DiverseVul

参考文献

DiverseVul: A New Vulnerable Source Code Dataset for Deep Learning Based Vulnerability Detection

Yizheng Chen, Zhoujie Ding, Lamya Alowain, Xinyun Chen, David Wagner

Published: 2023.4.2

We propose and release a new vulnerable source code dataset. We curate the dataset by crawling security issue websites, extracting vulnerability-fixing commits and source codes from the corresponding projects. Our new dataset contains 18,945 vulnerable functions spanning 150 CWEs and 330,492 non-vulnerable functions extracted from 7,514 commits. Our dataset covers 295 more projects than all previous datasets combined. Combining our new dataset with previous datasets, we present an analysis of the challenges and promising research directions of using deep learning for detecting software vulnerabilities. We study 11 model architectures belonging to 4 families. Our results show that deep learning is still not ready for vulnerability detection, due to high false positive rate, low F1 score, and difficulty of detecting hard CWEs. In particular, we demonstrate an important generalization challenge for the deployment of deep learning-based models. We show that increasing the volume of training data may not further improve the performance of deep learning models for vulnerability detection, but might be useful to improve the generalization ability to unseen projects. We also identify hopeful future research directions. We demonstrate that large language models (LLMs) are a promising research direction for ML-based vulnerability detection, outperforming Graph Neural Networks (GNNs) with code-structure features in our experiments. Moreover, developing source code specific pre-training objectives is a promising research direction to improve the vulnerability detection performance.

脆弱性検出プロンプトインジェクションセキュリティラベル

Proc. ACM Program. Lang.

Finding real bugs in big programs with incorrectness logic

Q. L. Le, A. Raad, J. Villard, J. Berdine, D. Dreyer, P. W. O’Hearn

Published: 2022

International Conference on Tools and Algorithms for Construction and Analysis of Systems

Phasar: An inter-procedural static analysis framework for c/c++

P. D. Schubert, B. Hermann, E. Bodden

Published: 2019

Pearson Education Canada

Software Testing: Principles and Practice

S. Desikan, G. Ramesh

Published: 2006

Springer Publishing Company, Incorporated

Principles of Program Analysis

F. Nielson, H. R. Nielson, C. Hankin

Published: 2010

Communications of the ACM

An axiomatic basis for computer programming

C. A. R. Hoare

Published: 1969

Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis

An empirical study on the effectiveness of static C code analyzers for vulnerability detection

Stephan Lipp, Sebastian Banescu, Alexander Pretschner

Published: 2022

ICSE

Why don’t software developers use static analysis tools to find bugs?

B. Johnson, Y. Song, E. Murphy-Hill, R. Bowdidge

Published: 2013

IEEE Software

Fuzzing: Challenges and opportunities

M. Bohme, C. Cadar, A. Roychoudhury

Published: 2021

Proceedings of the ACM International Conference on the Foundations of Software Engineering

Mendelfuzz: The return of the deterministic stage

H. Zheng, F. Toffalini, M. Bohme, M. Payer

Published: 2025

Proceedings of the Network and Distributed System Security Symposium

Large language model guided protocol fuzzing

R. Meng, M. Mirchev, M. Bohme, A. Roychoudhury

Published: 2024

Proceedings of the 47th International Conference on Software Engineering

Invivo fuzzing by amplifying actual executions

O. Galland, M. Bohme

Published: 2025

Communications of the ACM

Boosting fuzzer efficiency: An information theoretic perspective

M. Bohme, V. J. M. Manes, S. K. Cha

Published: 2023

2008 Frontiers of Software Maintenance

Retesting software during development and maintenance

M. J. Harrold, A. Orso

Published: 2008

Quickcheck: a lightweight tool for random testing of haskell programs

K. Claessen, J. Hughes

Published: 2000

Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis

Jqf: coverage-guided property-based testing in java

R. Padhye, C. Lemieux, K. Sen

Published: 2019

Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis

Semantic fuzzing with zest

R. Padhye, C. Lemieux, K. Sen, M. Papadakis, Y. Le Traon

Published: 2019

IEEE Symposium on Security and Privacy (SP)

Llms cannot reliably identify and reason about security vulnerabilities (yet?): A comprehensive evaluation, framework, and benchmarks

S. Ullah, M. Han, S. Pujar, H. Pearce, A. Coskun, G. Stringhini

Published: 2024

USENIX Security Symposium

Uncovering the Limits of Machine Learning for Automatic Vulnerability Detection

Niklas Risse, Marcel Böhme

Published: 2023.6.28

Recent results of machine learning for automatic vulnerability detection (ML4VD) have been very promising. Given only the source code of a function $f$, ML4VD techniques can decide if $f$ contains a security flaw with up to 70% accuracy. However, as evident in our own experiments, the same top-performing models are unable to distinguish between functions that contain a vulnerability and functions where the vulnerability is patched. So, how can we explain this contradiction and how can we improve the way we evaluate ML4VD techniques to get a better picture of their actual capabilities? In this paper, we identify overfitting to unrelated features and out-of-distribution generalization as two problems, which are not captured by the traditional approach of evaluating ML4VD techniques. As a remedy, we propose a novel benchmarking methodology to help researchers better evaluate the true capabilities and limits of ML4VD techniques. Specifically, we propose (i) to augment the training and validation dataset according to our cross-validation algorithm, where a semantic preserving transformation is applied during the augmentation of either the training set or the testing set, and (ii) to augment the testing set with code snippets where the vulnerabilities are patched. Using six ML4VD techniques and two datasets, we find (a) that state-of-the-art models severely overfit to unrelated features for predicting the vulnerabilities in the testing data, (b) that the performance gained by data augmentation does not generalize beyond the specific augmentations applied during training, and (c) that state-of-the-art ML4VD techniques are unable to distinguish vulnerable functions from their patches.

性能評価脆弱性管理データセット生成

ICSE

Data quality for software vulnerability datasets

Roland Croft, M Ali Babar, M Mehdi Kholoosi

Published: 2023

Proceedings of the IEEE/ACM 46th International Conference on Software Engineering

Toward improved deep learning-based vulnerability detection

A. Sejfia, S. Das, S. Shafiq, N. Medvidovic

Published: 2024

Proceedings of the IEEE/ACM 46th International Conference on Software Engineering

On the effectiveness of function-level vulnerability detectors for inter-procedural vulnerabilities

Z. Li, N. Wang, D. Zou, Y. Li, R. Zhang, S. Xu, C. Zhang, H. Jin

Published: 2024

USENIX Security Symposium

Dos and Don'ts of Machine Learning in Computer Security

Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, Konrad Rieck

Published: 2020.10.19

With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas. This development has influenced computer security, spawning a series of work on learning-based security systems, such as for malware detection, vulnerability discovery, and binary code analysis. Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance and render learning-based systems potentially unsuitable for security tasks and practical deployment. In this paper, we look at this problem with critical eyes. First, we identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We conduct a study of 30 papers from top-tier security conferences within the past 10 years, confirming that these pitfalls are widespread in the current security literature. In an empirical analysis, we further demonstrate how individual pitfalls can lead to unrealistic performance and interpretations, obstructing the understanding of the security problem at hand. As a remedy, we propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible. Furthermore, we identify open problems when applying machine learning in security and provide directions for further research.

データセット評価バイアススプリアス相関

Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering

Detecting overfitting of machine learning techniques for automatic vulnerability detection

Published: 2023

Proceedings of the 46th International Conference on Software Engineering, ICSE ’24

Towards causal deep learning for vulnerability detection

Md Mahbubur Rahman, Ira Ceka, Chengzhi Mao, Saikat Chakraborty, Baishakhi Ray, Wei Le

Published: 2024

Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering

Snopy: Bridging sample denoising with causal graph learning for effective vulnerability detection

S. Cao, X. Sun, X. Wu, D. Lo, L. Bo, B. Li, X. Liu, X. Lin, W. Liu

Published: 2024

Guidelines for performing systematic literature reviews in software engineering

B. Kitchenham, S. Charters

Published: 2007

Information and Software Technology

Guidelines for conducting systematic mapping studies in software engineering: An update

Kai Petersen, Sairam Vakkalanka, Ludwik Kuzniarz

Published: 2015

Proceedings of the 17th International Conference on Mining Software Repositories

AC/C++ code vulnerability dataset with code changes and CVE summaries

Jiahao Fan, Yi Li, Shaohua Wang, Tien N Nguyen

Published: 2020

Conference on Neural Information Processing Systems (NeurIPS)

Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks

Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, Yang Liu

Published: 2019.9.9

Vulnerability identification is crucial to protect the software systems from attacks for cyber security. It is especially important to localize the vulnerable functions among the source code to facilitate the fix. However, it is a challenging and tedious process, and also requires specialized security expertise. Inspired by the work on manually-defined patterns of vulnerabilities from various code representation graphs and the recent advance on graph neural networks, we propose Devign, a general graph neural network based model for graph-level classification through learning on a rich set of code semantic representations. It includes a novel Conv module to efficiently extract useful features in the learned rich node representations for graph-level classification. The model is trained over manually labeled datasets built on 4 diversified large-scale open-source C projects that incorporate high complexity and variety of real source code instead of synthesis code used in previous works. The results of the extensive evaluation on the datasets demonstrate that Devign outperforms the state of the arts significantly with an average of 10.51% higher accuracy and 8.68\% F1 score, increases averagely 4.66% accuracy and 6.37% F1 by the Conv module.

データ駆動型脆弱性評価グラフ構築機械学習

IEEE Transactions on Software Engineering

Deep learning based vulnerability detection: Are we there yet?

S. Chakraborty, R. Krishna, Y. Ding, B. Ray

Published: 2022

Educational and psychological measurement

A coefficient of agreement for nominal scales

Cohen, J.

Published: 1960

The measurement of observer agreement for categorical data

J. R. Landis, G. G. Koch

Published: 1977

IEEE Transactions on Knowledge and Data Engineering

Learning from imbalanced data

H. He, E. A. Garcia

Published: 2009

Proceedings of the IEEE/ACM 46th International Conference on Software Engineering

Pre-training by predicting program dependencies for vulnerability analysis tasks

Z. Liu, Z. Tang, J. Zhang, X. Xia, X. Yang

Published: 2024

International Conference on Software Engineering (ICSE)

Dataflow Analysis-Inspired Deep Learning for Efficient Vulnerability Detection

Benjamin Steenhoek, Hongyang Gao, Wei Le

Published: 2022.12.16

Deep learning-based vulnerability detection has shown great performance and, in some studies, outperformed static analysis tools. However, the highest-performing approaches use token-based transformer models, which are not the most efficient to capture code semantics required for vulnerability detection. Classical program analysis techniques such as dataflow analysis can detect many types of bugs based on their root causes. In this paper, we propose to combine such causal-based vulnerability detection algorithms with deep learning, aiming to achieve more efficient and effective vulnerability detection. Specifically, we designed DeepDFA, a dataflow analysis-inspired graph learning framework and an embedding technique that enables graph learning to simulate dataflow computation. We show that DeepDFA is both performant and efficient. DeepDFA outperformed all non-transformer baselines. It was trained in 9 minutes, 75x faster than the highest-performing baseline model. When using only 50+ vulnerable and several hundreds of total examples as training data, the model retained the same performance as 100% of the dataset. DeepDFA also generalized to real-world vulnerabilities in DbgBench; it detected 8.7 out of 17 vulnerabilities on average across folds and was able to distinguish between patched and buggy versions, while the highest-performing baseline models did not detect any vulnerabilities. By combining DeepDFA with a large language model, we surpassed the state-of-the-art vulnerability detection performance on the Big-Vul dataset with 96.46 F1 score, 97.82 precision, and 95.14 recall. Our replication package is located at https://doi.org/10.6084/m9.figshare.21225413 .

データフロー解析ソフトウェアセキュリティプログラム解析

EMNLP

Codet5: Identifier-aware unified pre-trained encoder-decoder models for code understanding and generation

Y. Wang, W. Wang, S. Joty, S. C. Hoi

Published: 2021

Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering

Learning program semantics for vulnerability detection via vulnerability-specific inter-procedural slicing

B. Wu, S. Liu, Y. Xiao, Z. Li, J. Sun, S.-W. Lin

Published: 2023

Proceedings of the 36th International Conference on Neural Information Processing Systems

On feature learning in the presence of spurious correlations

P. Izmailov, P. Kirichenko, N. Gruver, A. G. Wilson

Published: 2024

Proceedings of Machine Learning Research

An investigation of why overparameterization exacerbates spurious correlations

S. Sagawa, A. Raghunathan, P. W. Koh, P. Liang

Published: 2020

2021 IEEE 32nd International Symposium on Software Reliability Engineering

Vu1spg: Vulnerability detection based on slice property graph representation learning

W. Zheng, Y. Jiang, X. Su

Published: 2021