A novel deep learning-based feature selection model for improving the static analysis of vulnerability detection

Abstract

The automatic detection of software vulnerabilities is considered a complex and common research problem. It is possible to detect several security vulnerabilities using static analysis (SA) tools, but comparatively high false-positive rates are observed in this case. Existing solutions to this problem depend on human experts to identify functionality, and as a result, several vulnerabilities are often overlooked. This paper introduces a novel approach for effectively and reliably finding vulnerabilities in open-source software programs. In this paper, we are motivated to examine the potential of the clonal selection theory. A novel deep learning-based vulnerability detection model is proposed to define features using the clustering theory of the clonal selection algorithm. To our knowledge, this is the first time we have used deep-learned long-lived team-hacker features to process memories of sequential features and mapping from the entire history of previous inputs to target vectors in theory. With an immune-based feature selection model, the proposed approach aimed to improve static analyses' detection abilities. A real-world SA dataset is used based on three open-source PHP applications. Comparisons are conducted based on using a classification model for all features to measure the proposed feature selection methods' classification improvement. The results demonstrated that the proposed method got significant enhancements, which occurred in the classification accuracy also in the true positive rate.