IEEE Access (Jan 2020)

Software Vulnerability Analysis and Discovery Using Deep Learning Techniques: A Survey

  • Peng Zeng,
  • Guanjun Lin,
  • Lei Pan,
  • Yonghang Tai,
  • Jun Zhang

DOI
https://doi.org/10.1109/ACCESS.2020.3034766
Journal volume & issue
Vol. 8
pp. 197158 – 197172

Abstract

Read online

Exploitable vulnerabilities in software have attracted tremendous attention in recent years because of their potentially high severity impact on computer security and information safety. Many vulnerability detection methods have been proposed to aid code inspection. Among these methods, there is a line of studies that apply machine learning techniques and achieve promising results. This paper reviews 22 recent studies that adopt deep learning to detect vulnerabilities, aiming to show how they utilize state-of-the-art neural techniques to capture possible vulnerable code patterns. Among reviewed studies, we identify four game changers that significantly impact the domain of deep learning-based vulnerability detection and provide detailed reviews of the insights, ideas, and concepts that the game changers have brought to this field of interest. Based on the four identified game changers, we review the remaining studies, presenting their approaches and solutions which either build on or extend the game changers, and sharing our views on the future research trends. We also highlight the challenges faced in this field and discuss potential research directions. We hope to motivate the readers to conduct further research in this developing but fast-growing field.

Keywords