|Title||Enabling Automatic Repair of Source Code Vulnerabilities Using Data-Driven Methods|
|Project(s)||Data-Driven Software Engineering Department|
|Publication Type||Technical reports|
|Year of Publication||2022|
|Keywords||automatic program repair, graph-based machine learning, ml4code, natural language processing, software security, static analysis|
Users around the world rely on software-intensive systems in their day-to-day activities. These systems regularly contain bugs and security vulnerabilities. To facilitate bug fixing, data-driven models of automatic program repair use pairs of buggy and fixed code to learn transformations that fix errors in code. However, automatic repair of security vulnerabilities remains under-explored. In this work, we propose ways to improve code representations for vulnerability repair from three perspectives: input data type, data-driven models, and downstream tasks. The expected results of this work are improved code representations for automatic program repair and, specifically, fixing security vulnerabilities.
Accepted for the ICSE '22 Doctoral Symposium