Open Access iconOpen Access

ARTICLE

A New Framework for Software Vulnerability Detection Based on an Advanced Computing

Bui Van Cong1, Cho Do Xuan2,*

1 Department of Information Technology, University of Economics and Technical Industries, Hanoi, 100000, Vietnam
2 Faculty of Information Security, Posts and Telecommunications Institute of Technology, Hanoi, 100000, Vietnam

* Corresponding Author: Cho Do Xuan. Email: email

(This article belongs to the Special Issue: Securing Machine Learning Algorithms)

Computers, Materials & Continua 2024, 79(3), 3699-3723. https://doi.org/10.32604/cmc.2024.050019

Abstract

The detection of software vulnerabilities written in C and C++ languages takes a lot of attention and interest today. This paper proposes a new framework called DrCSE to improve software vulnerability detection. It uses an intelligent computation technique based on the combination of two methods: Rebalancing data and representation learning to analyze and evaluate the code property graph (CPG) of the source code for detecting abnormal behavior of software vulnerabilities. To do that, DrCSE performs a combination of 3 main processing techniques: (i) building the source code feature profiles, (ii) rebalancing data, and (iii) contrastive learning. In which, the method (i) extracts the source code’s features based on the vertices and edges of the CPG. The method of rebalancing data has the function of supporting the training process by balancing the experimental dataset. Finally, contrastive learning techniques learn the important features of the source code by finding and pulling similar ones together while pushing the outliers away. The experiment part of this paper demonstrates the superiority of the DrCSE Framework for detecting source code security vulnerabilities using the Verum dataset. As a result, the method proposed in the article has brought a pretty good performance in all metrics, especially the Precision and Recall scores of 39.35% and 69.07%, respectively, proving the efficiency of the DrCSE Framework. It performs better than other approaches, with a 5% boost in Precision and a 5% boost in Recall. Overall, this is considered the best research result for the software vulnerability detection problem using the Verum dataset according to our survey to date.

Keywords


Cite This Article

APA Style
Cong, B.V., Xuan, C.D. (2024). A new framework for software vulnerability detection based on an advanced computing. Computers, Materials & Continua, 79(3), 3699-3723. https://doi.org/10.32604/cmc.2024.050019
Vancouver Style
Cong BV, Xuan CD. A new framework for software vulnerability detection based on an advanced computing. Comput Mater Contin. 2024;79(3):3699-3723 https://doi.org/10.32604/cmc.2024.050019
IEEE Style
B.V. Cong and C.D. Xuan, "A New Framework for Software Vulnerability Detection Based on an Advanced Computing," Comput. Mater. Contin., vol. 79, no. 3, pp. 3699-3723. 2024. https://doi.org/10.32604/cmc.2024.050019



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 293

    View

  • 54

    Download

  • 0

    Like

Share Link