Meta-heuristic-based hybrid deep learning model for vulnerability detection and prevention in software system

IF 0.9 4区数学 Q4 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS

Journal of Combinatorial Optimization Pub Date : 2024-08-20 DOI:10.1007/s10878-024-01185-z

Lijin Shaji, R. Suji Pramila

{"title":"Meta-heuristic-based hybrid deep learning model for vulnerability detection and prevention in software system","authors":"Lijin Shaji, R. Suji Pramila","doi":"10.1007/s10878-024-01185-z","DOIUrl":null,"url":null,"abstract":"<p>Software vulnerabilities are flaws that may be exploited to cause loss or harm. Various automated machine-learning techniques have been developed in preceding studies to detect software vulnerabilities. This work tries to develop a technique for securing the software on the basis of their vulnerabilities that are already known, by developing a hybrid deep learning model to detect those vulnerabilities. Moreover, certain countermeasures are suggested based on the types of vulnerability to prevent the attack further. For different software projects taken as the dataset, feature fusion is done by utilizing canonical correlation analysis together with Deep Residual Network (DRN). A hybrid deep learning technique trained using AdamW-Rat Swarm Optimizer (AdamW-RSO) is designed to detect software vulnerability. Hybrid deep learning makes use of the Deep Belief Network (DBN) and Generative Adversarial Network (GAN). For every vulnerability, its location of occurrence within the software development procedures and techniques of alleviation via implementation level or design level activities are described. Thus, it helps in understanding the appearance of vulnerabilities, suggesting the use of various countermeasures during the initial phases of software design, and therefore, assures software security. Evaluating the performance of vulnerability detection by the proposed technique regarding recall, precision, and f-measure, it is found to be more effective than the existing methods.</p>","PeriodicalId":50231,"journal":{"name":"Journal of Combinatorial Optimization","volume":null,"pages":null},"PeriodicalIF":0.9000,"publicationDate":"2024-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Combinatorial Optimization","FirstCategoryId":"100","ListUrlMain":"https://doi.org/10.1007/s10878-024-01185-z","RegionNum":4,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}

引用次数: 0

Abstract

Software vulnerabilities are flaws that may be exploited to cause loss or harm. Various automated machine-learning techniques have been developed in preceding studies to detect software vulnerabilities. This work tries to develop a technique for securing the software on the basis of their vulnerabilities that are already known, by developing a hybrid deep learning model to detect those vulnerabilities. Moreover, certain countermeasures are suggested based on the types of vulnerability to prevent the attack further. For different software projects taken as the dataset, feature fusion is done by utilizing canonical correlation analysis together with Deep Residual Network (DRN). A hybrid deep learning technique trained using AdamW-Rat Swarm Optimizer (AdamW-RSO) is designed to detect software vulnerability. Hybrid deep learning makes use of the Deep Belief Network (DBN) and Generative Adversarial Network (GAN). For every vulnerability, its location of occurrence within the software development procedures and techniques of alleviation via implementation level or design level activities are described. Thus, it helps in understanding the appearance of vulnerabilities, suggesting the use of various countermeasures during the initial phases of software design, and therefore, assures software security. Evaluating the performance of vulnerability detection by the proposed technique regarding recall, precision, and f-measure, it is found to be more effective than the existing methods.

Abstract Image

查看原文本刊更多论文

基于元启发式的混合深度学习模型用于软件系统的漏洞检测和预防

软件漏洞是指可能被利用造成损失或伤害的缺陷。在之前的研究中，已经开发了各种自动化机器学习技术来检测软件漏洞。这项工作试图通过开发一种混合深度学习模型来检测这些漏洞，从而在已知漏洞的基础上开发一种确保软件安全的技术。此外，还根据漏洞类型提出了一些对策，以进一步防止攻击。对于作为数据集的不同软件项目，利用典型相关分析和深度残差网络（DRN）进行特征融合。使用 AdamW-Rat Swarm Optimizer（AdamW-RSO）训练的混合深度学习技术旨在检测软件漏洞。混合深度学习利用了深度信念网络（DBN）和生成对抗网络（GAN）。对于每个漏洞，都会描述其在软件开发程序中出现的位置，以及通过实施级或设计级活动来缓解的技术。因此，它有助于了解漏洞的出现，建议在软件设计的初始阶段使用各种对策，从而确保软件的安全性。通过评估拟议技术在召回率、精确度和 f-measure 方面的漏洞检测性能，发现它比现有方法更有效。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Combinatorial Optimization 数学-计算机：跨学科应用

CiteScore

2.00

自引率

10.00%

发文量

审稿时长

6 months

期刊介绍： The objective of Journal of Combinatorial Optimization is to advance and promote the theory and applications of combinatorial optimization, which is an area of research at the intersection of applied mathematics, computer science, and operations research and which overlaps with many other areas such as computation complexity, computational biology, VLSI design, communication networks, and management science. It includes complexity analysis and algorithm design for combinatorial optimization problems, numerical experiments and problem discovery with applications in science and engineering. The Journal of Combinatorial Optimization publishes refereed papers dealing with all theoretical, computational and applied aspects of combinatorial optimization. It also publishes reviews of appropriate books and special issues of journals.