|Authors||D. Binkley, L. Moonen and S. Isaacman|
|Title||Featherweight Assisted Vulnerability Discovery|
|Project(s)||Data-Driven Software Engineering Department|
|Publication Type||Technical reports|
|Year of Publication||2022|
|Keywords||identifier splitting, model interpretability, software security, source code vocabulary, vulnerability prediction|
Predicting vulnerable source code helps to focus attention on those parts of the code that need to be examined with more scrutiny. Recent work proposed the use of function names as semantic cues that can be learned by a deep neural network (DNN) to aid in the hunt for vulnerability of functions.
Because it is more transparent than a DNN, the frequency-based algorithm enables us to investigate the inner workings of the DNN. If successful, this investigation into what the DNN does and does not learn will help us train more effective future models.