    A deep learning based static taint analysis approach for IoT software vulnerability location

    Date
    2020-02-01
    Author
    Niu, Weina
    Zhang, Xiaosong
    Du, Xiaojiang
    Zhao, Lingyuan
    Cao, Rong
    Guizani, Mohsen
    Abstract
    Computer system vulnerabilities, computer viruses, and cyber attacks are rooted in software vulnerabilities. Reducing software defects and improving software reliability and security are urgent problems in software development. The core task is the discovery and location of software vulnerabilities. However, traditional approaches based on human experts are labor-intensive and time-consuming. Some automatic detection approaches have therefore been proposed to solve the problem, but they have a high false negative rate. In this paper, a deep learning based static taint analysis approach is proposed to automatically locate Internet of Things (IoT) software vulnerabilities, which can relieve tedious manual analysis and improve detection accuracy. Deep learning is used to detect vulnerabilities since it considers the program context. Firstly, rules are designed for selecting the taint from the difference file between the source program and its patched program. Secondly, the taint propagation paths are obtained using static taint analysis. Finally, a detection model based on two-stage Bidirectional Long Short Term Memory (BLSTM) is applied to discover and locate software vulnerabilities. The Code Gadget Database is used to evaluate the proposed approach; it includes two types of vulnerabilities in C/C++ programs, buffer error vulnerability (CWE-119) and resource management error vulnerability (CWE-399). Experimental results show that the proposed approach achieves an accuracy of 0.9732 for CWE-119 and 0.9721 for CWE-399, which is higher than that of the other three models (the accuracy of RNN, LSTM, and BLSTM is under 0.97), and achieves a lower false negative rate and false positive rate than the other approaches.
    URI
    https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85076016382&origin=inward
    DOI/handle
    http://dx.doi.org/10.1016/j.measurement.2019.107139
    http://hdl.handle.net/10576/37542
    Collections
    • Computer Science & Engineering [‎2485‎ items ]

    Qatar University Digital Hub is a digital collection operated and maintained by the Qatar University Library and supported by the ITS department
