|Title||Enabling Automatic Repair of Source Code Vulnerabilities Using Data-Driven Methods|
|Project(s)||Data-Driven Software Engineering Department|
|Publication Type||Proceedings, refereed|
|Year of Publication||2022|
|Conference Name||44th International Conference on Software Engineering Companion (ICSE ’22 Companion), Doctoral Symposium|
|Publisher||Association for Computing Machinery|
|Keywords||automatic program repair, graph-based machine learning, ml4code, natural language processing, software security, static analysis|
Users around the world rely on software-intensive systems in their day-to-day activities. These systems regularly contain bugs and security vulnerabilities. To facilitate bug fixing, data-driven models of automatic program repair use pairs of buggy and fixed code to learn transformations that fix errors in code. However, automatic repair of security vulnerabilities remains under-explored. In this work, we propose ways to improve code representations for vulnerability repair from three perspectives: input data type, data-driven models, and downstream tasks. The expected results of this work are improved code representations for automatic program repair and, specifically, fixing security vulnerabilities.