The significance of early vulnerability identification in ensuring security during software development cannot be denied. In this research, we introduce CWEpredBELL, a unique automated vulnerability prediction method that makes use of a modified pre-trained language model derived from CodeBERT. With a binary classification layer, an improved optimizer, and a fine-tuned loss function to boost model performance, our method is especially tailored for identifying vulnerabilities in source code. We used cross-validation techniques and the Local Interpretable Model-Agnostic Explanations (LIME) approach to identify particular lines of error in the source code. The experimental comparison demonstrates that CWEpredBELL is an effective method of automatically identifying vulnerabilities.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Improving Software Security Through a LLM-Based Vulnerability Detection Model

  • Syeda Sadia Alam,
  • Mst Shapna Akter,
  • Alfredo Cuzzocrea

摘要

The significance of early vulnerability identification in ensuring security during software development cannot be denied. In this research, we introduce CWEpredBELL, a unique automated vulnerability prediction method that makes use of a modified pre-trained language model derived from CodeBERT. With a binary classification layer, an improved optimizer, and a fine-tuned loss function to boost model performance, our method is especially tailored for identifying vulnerabilities in source code. We used cross-validation techniques and the Local Interpretable Model-Agnostic Explanations (LIME) approach to identify particular lines of error in the source code. The experimental comparison demonstrates that CWEpredBELL is an effective method of automatically identifying vulnerabilities.