Artificial Intelligence Techniques for Security Vulnerability Prevention

12/14/2019
by   Steve Kommrusch, et al.
0

Computer security has been a concern for decades and artificial intelligence techniques have been applied to the area for nearly as long. Most of the techniques are being applied to the detection of attacks to running systems, but recent improvements in machine learning (for example, in natural language processing) have enabled the opportunity to process software and specifications to detect vulnerabilities in a system before it is deployed. This paper presents a survey of artificial intelligence techniques (including machine learning) to detect or repair security vulnerabilities before product introduction. In the surveyed papers, techniques are presented for using NLP to analyze requirements documents for security standard completeness, performing neural fuzz testing of software, generating exploits to detect risk, and more. We categorize current techniques into 3 groups: vulnerability detection, vulnerability repair, and specification analysis. Generally, while AI techniques have become quite useful in this area, we show that AI techniques still tend to be limited in scope, providing a collection of tools which can augment but not replace careful system development to reduce vulnerability risks.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
05/06/2021

Security Vulnerability Detection Using Deep Learning Natural Language Processing

Detecting security vulnerabilities in software before they are exploited...
research
06/01/2023

ExTRUST: Reducing Exploit Stockpiles with a Privacy-Preserving Depletion System for Inter-State Relationships

Cyberspace is a fragile construct threatened by malicious cyber operatio...
research
01/26/2022

Automatic detection of access control vulnerabilities via API specification processing

Objective. Insecure Direct Object Reference (IDOR) or Broken Object Leve...
research
01/03/2022

AI Racial Equity: Understanding Sentiment Analysis Artificial Intelligence, Data Security, and Systemic Theory in Criminal Justice Systems

Various forms of implications of artificial intelligence that either exa...
research
01/12/2023

Against Algorithmic Exploitation of Human Vulnerabilities

Decisions such as which movie to watch next, which song to listen to, or...
research
07/05/2023

Vulnerable Source Code Detection using SonarCloud Code Analysis

In Software Development Life Cycle (SDLC), security vulnerabilities are ...
research
01/03/2023

Cheesecloth: Zero-Knowledge Proofs of Real-World Vulnerabilities

Currently, when a security analyst discovers a vulnerability in critical...

Please sign up or login with your details

Forgot password? Click here to reset