MultiVD: A Transformer-based Multitask Approach for Software Vulnerability Detection

Claudio Curto, Daniela Giordano, Simone Palazzo, Daniel Indelicato

2024

Abstract

Research in software vulnerability detection has grown exponentially and a great number of vulnerability detection systems have been proposed. Recently, researchers have started considering machine learning and deep learning-based approaches. Various techniques, models and approaches with state-of-the-art performance have been proposed for vulnerability detection, with some of these performing line-level localization of the vulnerabilities in the source code. However, the majority of these approaches suffer from several limitations, caused mainly by the use of synthetic data and by the inability to categorize the vulnerabilities detected. Our study proposes a method to overcome these limitations, exploring the effects of different transformer-based approaches to extend the models' capabilities while enhancing the vulnerability detection performance. Finally, we propose a transformer-based multitask model trained on real-world data for highly reliable results in vulnerability detection, CWE categorization and line-level detection.


Paper Citation


in Harvard Style

Curto C., Giordano D., Palazzo S. and Indelicato D. (2024). MultiVD: A Transformer-based Multitask Approach for Software Vulnerability Detection. In Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-709-2, SciTePress, pages 416-423. DOI: 10.5220/0012719400003767


in Bibtex Style

@conference{secrypt24,
author={Claudio Curto and Daniela Giordano and Simone Palazzo and Daniel Indelicato},
title={MultiVD: A Transformer-based Multitask Approach for Software Vulnerability Detection},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2024},
pages={416-423},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012719400003767},
isbn={978-989-758-709-2},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - MultiVD: A Transformer-based Multitask Approach for Software Vulnerability Detection
SN - 978-989-758-709-2
AU - Curto C.
AU - Giordano D.
AU - Palazzo S.
AU - Indelicato D.
PY - 2024
SP - 416
EP - 423
DO - 10.5220/0012719400003767
PB - SciTePress