Explore a cutting-edge approach to vulnerability detection in source code through this conference talk from USENIX Security '23. Dive into VulChecker, a novel tool that precisely locates and classifies vulnerabilities down to the exact instruction level. Learn about the innovative program representation, slicing strategy, and message-passing graph neural network that enable VulChecker to utilize code semantics and improve vulnerability detection. Discover a new data augmentation strategy for creating robust datasets using synthetic samples. Examine VulChecker's impressive performance in identifying CVEs and uncovering a zero-day vulnerability in real-world projects. Gain insights into the future of automated vulnerability detection and its potential impact on software development security.
VulChecker - Graph-based Vulnerability Localization in Source Code
Overview
Syllabus
USENIX Security '23 - VulChecker: Graph-based Vulnerability Localization in Source Code
Taught by
USENIX
Related Courses
-
GraphSPD - Graph-Based Security Patch Detection with Enriched Code Semantics
-
Matching CVEs and Source Code for Vulnerability Detection
-
The Impact of Third-party Code on Android App Security
-
Smart Learning to Find Dumb Contracts
-
Code Aware Services for Vulnerability Detection - Welcome Back and Remarks
-
Security Posture Assessment and Improvements for Open Source Projects
