

System Debugging: Advances in Software Vulnerability

Software vulnerabilities are prevalent in all systems built from source code, causing a variety of problems including deadlocks, hacking, or even system failure. Therefore, early predictions of vulnerabilities are crucial for security software systems. To counteract this, experts at the Faculty of Information Technology have developed the LineVul approach and found that it increases the accuracy in predicting software vulnerabilities by more than 300%, while spending only half the usual time and effort, compared with current best-in-class prediction tools. LineVul is also capable of protecting against the 25 most dangerous and common source code vulnerabilities and can be extensively applied to strengthen cybersecurity in any application built with source code.

 

Author Dr Chakkrit Tantithamthavorn, from the Information Technology (IT) faculty, said standard software programs contain millions to billions of lines of code and it often takes a long time to identify and fix vulnerabilities. With the proposed LineVul approach, not only are we able to predict the most critical areas of vulnerability, but we are also able to identify the location of vulnerabilities down to the exact line of code. Research co-author Michael Fu said the LineVul approach has been tested on large real-world datasets containing more than 188,000 lines of software code. Software developers typically spend a lot of time identifying vulnerabilities in code, either during the development process or after the program has been implemented.

The presence of vulnerabilities, especially after program implementation, can expose software systems to potentially dangerous cyberattacks. The LineVul approach can be broadly applied to any software system to strengthen applications against cyberattacks and can be an important tool for developers, especially in security-sensitive areas such as software used by the Australian government, defence, financial sector, etc. Future research building on the LineVul approach includes developing new methods to automatically suggest fixes for vulnerabilities in software code.
