Open Access Open Access  Restricted Access Subscription Access

A Mutation-Based Data Enhancement Approach for Software Vulnerability Detection

Lianyi Su,
Jie Hu,
Wei Zheng,

Abstract


Effective software vulnerability detection is paramount for ensuring the security of software systems. However, the presence of imbalanced data in extensive datasets often leads to overfitting on non-vulnerable code and suboptimal performance on vulnerable code. Traditional methods of collecting vulnerable data frequently fall short in capturing the complexities of real-world scenarios. This paper proposes a mutation-based data enhancement approach to tackle this challenge, with a focus on capturing essential traits of vulnerable source code. Our approach systematically extracts traits from extensive vulnerable source code and employs mutation operators to introduce high-level alterations. We evaluate the convergence of multiple mutation rounds using a diversity index to ensure consistent enhancements. By selecting the most effective mutation operators for subsequent model training, our approach achieves substantial accuracy improvements across diverse datasets and deep neural network models. This work represents the initial version of our approach, with continuous refinements underway to facilitate practical implementation and address real-world security challenges.

Keywords


Deep learning, Vulnerability detection, Data enhancement, Code mutation

Citation Format:
Lianyi Su, Jie Hu, Wei Zheng, "A Mutation-Based Data Enhancement Approach for Software Vulnerability Detection," Journal of Internet Technology, vol. 25, no. 6 , pp. 931-943, Nov. 2024.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Office of Library and Information Services, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 974301, Taiwan, R.O.C.
Tel: +886-3-931-7314  E-mail: jit.editorial@gmail.com