BiTCN_DRSN: An effective software vulnerability detection model based on an improved temporal convolutional network

Jinfu Chen, Wei Lin, Saihua Cai, Yemin Yin, Haibo Chen, Dave Towey

Research output: Journal PublicationArticlepeer-review

9 Citations (Scopus)

Abstract

The detection of software vulnerabilities is a challenging task in the field of security. With the increasing scale of software and the rapid development of artificial intelligence technology, deep learning has been extensively applied to automatic vulnerability detection. Temporal Convolutional Networks (TCNs) have been shown to perform well in tasks that can be processed in parallel; they can adaptively learn complex structures (including in-time series data); and they have exhibited stable gradients — they are relatively easier to train, and can quickly converge to an optimal solution. However, TCNs cannot simultaneously capture the bidirectional semantics of the source code, since they do not have a bidirectional network structure. Furthermore, because of the weak noise resistance of residual TCN connections, TCNs are also susceptible to learning features that are not related to vulnerabilities when learning the source code features. To overcome the limitations of the traditional TCN, we propose a bidirectional TCN model based on the Deep Residual Shrinkage Network (DRSN), namely BiTCN_DRSN. BiTCN_DRSN combines TCN and DRSN to enhance the noise immunity and make the network model more attentive to the features associated with vulnerabilities. In addition, addressing the limitation that the TCN is a unidirectional network structure, the forward and backward sequences are utilized for bidirectional source-code feature learning. The experimental results show that the proposed BiTCN_DRSN model can effectively improve the accuracy of source-code vulnerability detection, compared with some existing neural-network models. Compared with the traditional TCN, our model increases the accuracy by 4.22%, 2.42% and 2.66% on the BE-ALL, RM-ALL and HY-ALL datasets, respectively. The proposed BiTCN_DRSN model also exhibits improved detection stability.

Original languageEnglish
Article number111772
JournalJournal of Systems and Software
Volume204
Early online date7 Jun 2023
DOIs
Publication statusPublished - Oct 2023

Keywords

  • Software security
  • Vulnerability detection
  • Deep learning
  • Deep residual shrinkage network

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Hardware and Architecture

Fingerprint

Dive into the research topics of 'BiTCN_DRSN: An effective software vulnerability detection model based on an improved temporal convolutional network'. Together they form a unique fingerprint.

Cite this