Software vulnerabilities are a serious and crucial concern. Typically, in a program or function consisting of hundreds or thousands of source code statements, only a few statements cause the corresponding vulnerabilities. Most current approaches to vulnerability labelling work at the function or program level and rely on experts assisted by machine learning tools. Extending this approach to the code statement level is much more costly and time-consuming and remains an open problem. In this paper, we propose a novel end-to-end deep learning-based approach to identify the vulnerability-relevant code statements of a specific function. Inspired by the specific structures observed in real-world vulnerable code, we first leverage mutual information for learning a set of latent variables representing the relevance of the source code statements to the corresponding function's vulnerability. We then propose novel clustered spatial contrastive learning in order to further improve the representation learning and the robust selection process of vulnerability-relevant code statements. Experimental results on real-world datasets of 200k+ C/C++ functions show the superiority of our method over other state-of-the-art baselines. In general, our method obtains a higher performance in VCP, VCA, and Top-10 ACC measures of between 3% and 14% over the baselines when running on real-world datasets in an unsupervised setting. Our released source code samples are publicly available at \href{https://github.com/vannguyennd/livuitcl}{https://github.com/vannguyennd/livuitcl}.
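The abstract evaluates statement-level localisation with ranking measures such as Top-10 ACC, but does not define them. The following Python is an added illustration written for this page, not code from the paper or its repository: it ranks the statements of a function by a per-statement relevance score (the kind of output the described latent variables would provide) and computes a Top-k accuracy and a precision-at-k under assumed definitions. The scores and ground-truth indices are constructed toy data, the function names are hypothetical, and the metric definitions are assumptions, not the paper's. The example also shows why tie-breaking in the ranking must be deterministic, since a flat score vector otherwise makes the measured accuracy depend on sort order.

```python
from typing import Dict, List, Sequence

# Constructed toy data (not from the paper): one relevance score per statement
# for each function, and the indices of the statements that are actually
# vulnerability-relevant. Function names are hypothetical placeholders.
SCORES: Dict[str, List[float]] = {
    "fn_a": [0.05, 0.10, 0.92, 0.30, 0.08],
    "fn_b": [0.40, 0.35, 0.20, 0.15, 0.10, 0.95],
    "fn_c": [0.10, 0.10, 0.10, 0.10],  # flat scores: exercises tie handling
}
GROUND_TRUTH: Dict[str, List[int]] = {
    "fn_a": [2],
    "fn_b": [5, 0],
    "fn_c": [3],
}


def rank_statements(scores: Sequence[float]) -> List[int]:
    """Return statement indices ordered by descending relevance score.

    Ties are broken by the lower statement index first, so the ranking is
    deterministic and the metrics below are reproducible.
    """
    return sorted(range(len(scores)), key=lambda i: (-scores[i], i))


def top_k_accuracy(scores: Dict[str, List[float]],
                   truth: Dict[str, List[int]], k: int = 10) -> float:
    """Assumed definition of Top-k ACC: the fraction of functions for which at
    least one ground-truth vulnerable statement is among the k highest-scored
    statements. Functions with no labelled statement are skipped."""
    hits = counted = 0
    for name, s in scores.items():
        gt = set(truth.get(name, []))
        if not gt:
            continue
        counted += 1
        if gt & set(rank_statements(s)[:k]):
            hits += 1
    return hits / counted if counted else 0.0


def precision_at_k(scores: Dict[str, List[float]],
                   truth: Dict[str, List[int]], k: int = 10) -> float:
    """Assumed definition: mean over functions of the share of the k selected
    statements that are truly vulnerability-relevant. Functions with no
    labelled statement are skipped."""
    total = counted = 0.0
    for name, s in scores.items():
        gt = set(truth.get(name, []))
        if not gt:
            continue
        selected = rank_statements(s)[:k]
        total += len(gt & set(selected)) / len(selected)
        counted += 1
    return total / counted if counted else 0.0


if __name__ == "__main__":
    for k in (1, 2, 4):
        print(f"k={k}: top-{k} acc={top_k_accuracy(SCORES, GROUND_TRUTH, k):.3f} "
              f"precision@{k}={precision_at_k(SCORES, GROUND_TRUTH, k):.3f}")
```

With the toy data, `fn_c` has identical scores on every statement, so its single relevant statement is only recovered once k reaches its index under the fixed tie-break; a real evaluation should report how such ties were resolved.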