KJCKorea
Journal Central

@article{ART002908073},
author={Ji Hwan Mo and Sung-Moon Hong and Doh, Kyung-Goo},
title={Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information},
journal={Journal of Software Assessment and Valuation},
issn={2092-8114},
year={2022},
volume={18},
number={2},
pages={1-9},
doi={10.29056/jsav.2022.12.01}

TY - JOUR
AU - Ji Hwan Mo
AU - Sung-Moon Hong
AU - Doh, Kyung-Goo
TI - Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information
JO - Journal of Software Assessment and Valuation
PY - 2022
VL - 18
IS - 2
PB - Korea Software Assessment and Valuation Society
SP - 1
EP - 9
SN - 2092-8114
AB - Taint analysis is widely used in detecting security vulnerabilities in source code. However, it is difficult to obtain accurate results in reasonable amount of computing time due to the nature of static analysis. This paper proposes a new way of detecting security vulnerabilities using machine-learning technology utilizing an already established model, graph2vec. The flow graph of a program is transformed into a vector and then given to the model. The data set is prepared by first constructing simplified program and then applying mutation. The evaluation results show that the model detects security vulnerabilities with the accuracy of up to 99%, positively showing the possibility of applying machine-learning technology to the static detection of security vulnerabilities in source code.
KW - taint analysis;security vulnerability;flow graph;machine learning;graph embedding
DO - 10.29056/jsav.2022.12.01
ER -

Ji Hwan Mo, Sung-Moon Hong and Doh, Kyung-Goo. (2022). Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information. Journal of Software Assessment and Valuation, 18(2), 1-9.

Ji Hwan Mo, Sung-Moon Hong and Doh, Kyung-Goo. 2022, "Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information", Journal of Software Assessment and Valuation, vol.18, no.2 pp.1-9. Available from: doi:10.29056/jsav.2022.12.01

Ji Hwan Mo, Sung-Moon Hong, Doh, Kyung-Goo "Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information" Journal of Software Assessment and Valuation 18.2 pp.1-9 (2022) : 1.

Ji Hwan Mo, Sung-Moon Hong, Doh, Kyung-Goo. Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information. 2022; 18(2), 1-9. Available from: doi:10.29056/jsav.2022.12.01

Ji Hwan Mo, Sung-Moon Hong and Doh, Kyung-Goo. "Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information" Journal of Software Assessment and Valuation 18, no.2 (2022) : 1-9.doi: 10.29056/jsav.2022.12.01

Ji Hwan Mo; Sung-Moon Hong; Doh, Kyung-Goo. Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information. Journal of Software Assessment and Valuation, 18(2), 1-9. doi: 10.29056/jsav.2022.12.01

Ji Hwan Mo; Sung-Moon Hong; Doh, Kyung-Goo. Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information. Journal of Software Assessment and Valuation. 2022; 18(2) 1-9. doi: 10.29056/jsav.2022.12.01

Ji Hwan Mo, Sung-Moon Hong, Doh, Kyung-Goo. Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information. 2022; 18(2), 1-9. Available from: doi:10.29056/jsav.2022.12.01

Ji Hwan Mo, Sung-Moon Hong and Doh, Kyung-Goo. "Static Detection of Security Vulnerabilities Using Machine Learning on Graph Information" Journal of Software Assessment and Valuation 18, no.2 (2022) : 1-9.doi: 10.29056/jsav.2022.12.01