Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection

Tuan Nguyen; Trung Le; Khanh Nguyen; Olivier de Vel; Paul Montague; John Grundy; Dinh Phung

doi:10.1007/978-3-030-47436-2_13

Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection

Tuan Nguyen, Trung Le, Khanh Nguyen, Olivier de Vel, Paul Montague, John Grundy, Dinh Phung

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

11 Citations (Scopus)

Abstract

Owing to the sharp rise in the severity of the threats imposed by software vulnerabilities, software vulnerability detection has become an important concern in the software industry, such as the embedded systems industry, and in the field of computer security. Software vulnerability detection can be carried out at the source code or binary level. However, the latter is more impactful and practical since when using commercial software, we usually only possess binary software. In this paper, we leverage deep learning and kernel methods to propose the Deep Cost-sensitive Kernel Machine, a method that inherits the advantages of deep learning methods in efficiently tackling structural data and kernel methods in learning the characteristic of vulnerable binary examples with high generalization capacity. We conduct experiments on two real-world binary datasets. The experimental results have shown a convincing outperformance of our proposed method over the baselines.

Original language	English
Title of host publication	Advances in Knowledge Discovery and Data Mining
Subtitle of host publication	24th Pacific-Asia Conference, PAKDD 2020 Singapore, May 11–14, 2020 Proceedings, Part II
Editors	Hady W. Lauw, Raymond Chi-Wing Wong, Ee-Peng Lim, Alexandros Ntoulas, See-Kiong Ng, Sinno Jialin Pan
Place of Publication	Cham Switzerland
Publisher	Springer
Pages	164-177
Number of pages	14
ISBN (Electronic)	9783030474362
ISBN (Print)	9783030474355
DOIs	https://doi.org/10.1007/978-3-030-47436-2_13
Publication status	Published - 2020
Event	Pacific-Asia Conference on Knowledge Discovery and Data Mining 2020 - Singapore, Singapore Duration: 11 May 2020 → 14 May 2020 Conference number: 24th https://pakdd2020.org (Website) https://link.springer.com/book/10.1007/978-3-030-47426-3 (Proceedings)

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	12085
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	Pacific-Asia Conference on Knowledge Discovery and Data Mining 2020
Abbreviated title	PAKDD 2020
Country/Territory	Singapore
City	Singapore
Period	11/05/20 → 14/05/20
Internet address	https://pakdd2020.org (Website) https://link.springer.com/book/10.1007/978-3-030-47426-3 (Proceedings)

Access to Document

10.1007/978-3-030-47436-2_13

312139041-oaFinal published version, 1.7 MB

Cite this

Nguyen, T., Le, T., Nguyen, K., de Vel, O., Montague, P., Grundy, J., & Phung, D. (2020). Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection. In H. W. Lauw, R. C.-W. Wong, E.-P. Lim, A. Ntoulas, S.-K. Ng, & S. J. Pan (Eds.), Advances in Knowledge Discovery and Data Mining: 24th Pacific-Asia Conference, PAKDD 2020 Singapore, May 11–14, 2020 Proceedings, Part II (pp. 164-177). (Lecture Notes in Computer Science; Vol. 12085 ). Springer. https://doi.org/10.1007/978-3-030-47436-2_13

Nguyen, Tuan ; Le, Trung ; Nguyen, Khanh et al. / Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection. Advances in Knowledge Discovery and Data Mining: 24th Pacific-Asia Conference, PAKDD 2020 Singapore, May 11–14, 2020 Proceedings, Part II. editor / Hady W. Lauw ; Raymond Chi-Wing Wong ; Ee-Peng Lim ; Alexandros Ntoulas ; See-Kiong Ng ; Sinno Jialin Pan. Cham Switzerland : Springer, 2020. pp. 164-177 (Lecture Notes in Computer Science).

@inproceedings{640449dc676a4034a173cdcc982f3055,

title = "Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection",

abstract = "Owing to the sharp rise in the severity of the threats imposed by software vulnerabilities, software vulnerability detection has become an important concern in the software industry, such as the embedded systems industry, and in the field of computer security. Software vulnerability detection can be carried out at the source code or binary level. However, the latter is more impactful and practical since when using commercial software, we usually only possess binary software. In this paper, we leverage deep learning and kernel methods to propose the Deep Cost-sensitive Kernel Machine, a method that inherits the advantages of deep learning methods in efficiently tackling structural data and kernel methods in learning the characteristic of vulnerable binary examples with high generalization capacity. We conduct experiments on two real-world binary datasets. The experimental results have shown a convincing outperformance of our proposed method over the baselines.",

author = "Tuan Nguyen and Trung Le and Khanh Nguyen and {de Vel}, Olivier and Paul Montague and John Grundy and Dinh Phung",

year = "2020",

doi = "10.1007/978-3-030-47436-2_13",

language = "English",

isbn = "9783030474355",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "164--177",

editor = "Lauw, {Hady W.} and Wong, {Raymond Chi-Wing} and Ee-Peng Lim and Alexandros Ntoulas and See-Kiong Ng and Pan, {Sinno Jialin}",

booktitle = "Advances in Knowledge Discovery and Data Mining",

note = "Pacific-Asia Conference on Knowledge Discovery and Data Mining 2020, PAKDD 2020 ; Conference date: 11-05-2020 Through 14-05-2020",

url = "https://pakdd2020.org, https://link.springer.com/book/10.1007/978-3-030-47426-3",

}

Nguyen, T, Le, T, Nguyen, K, de Vel, O, Montague, P, Grundy, J & Phung, D 2020, Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection. in HW Lauw, RC-W Wong, E-P Lim, A Ntoulas, S-K Ng & SJ Pan (eds), Advances in Knowledge Discovery and Data Mining: 24th Pacific-Asia Conference, PAKDD 2020 Singapore, May 11–14, 2020 Proceedings, Part II. Lecture Notes in Computer Science, vol. 12085 , Springer, Cham Switzerland, pp. 164-177, Pacific-Asia Conference on Knowledge Discovery and Data Mining 2020, Singapore, Singapore, 11/05/20. https://doi.org/10.1007/978-3-030-47436-2_13

Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection. / Nguyen, Tuan; Le, Trung; Nguyen, Khanh et al.
Advances in Knowledge Discovery and Data Mining: 24th Pacific-Asia Conference, PAKDD 2020 Singapore, May 11–14, 2020 Proceedings, Part II. ed. / Hady W. Lauw; Raymond Chi-Wing Wong; Ee-Peng Lim; Alexandros Ntoulas; See-Kiong Ng; Sinno Jialin Pan. Cham Switzerland: Springer, 2020. p. 164-177 (Lecture Notes in Computer Science; Vol. 12085 ).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection

AU - Nguyen, Tuan

AU - Le, Trung

AU - Nguyen, Khanh

AU - de Vel, Olivier

AU - Montague, Paul

AU - Grundy, John

AU - Phung, Dinh

N1 - Conference code: 24th

PY - 2020

Y1 - 2020

N2 - Owing to the sharp rise in the severity of the threats imposed by software vulnerabilities, software vulnerability detection has become an important concern in the software industry, such as the embedded systems industry, and in the field of computer security. Software vulnerability detection can be carried out at the source code or binary level. However, the latter is more impactful and practical since when using commercial software, we usually only possess binary software. In this paper, we leverage deep learning and kernel methods to propose the Deep Cost-sensitive Kernel Machine, a method that inherits the advantages of deep learning methods in efficiently tackling structural data and kernel methods in learning the characteristic of vulnerable binary examples with high generalization capacity. We conduct experiments on two real-world binary datasets. The experimental results have shown a convincing outperformance of our proposed method over the baselines.

AB - Owing to the sharp rise in the severity of the threats imposed by software vulnerabilities, software vulnerability detection has become an important concern in the software industry, such as the embedded systems industry, and in the field of computer security. Software vulnerability detection can be carried out at the source code or binary level. However, the latter is more impactful and practical since when using commercial software, we usually only possess binary software. In this paper, we leverage deep learning and kernel methods to propose the Deep Cost-sensitive Kernel Machine, a method that inherits the advantages of deep learning methods in efficiently tackling structural data and kernel methods in learning the characteristic of vulnerable binary examples with high generalization capacity. We conduct experiments on two real-world binary datasets. The experimental results have shown a convincing outperformance of our proposed method over the baselines.

UR - http://www.scopus.com/inward/record.url?scp=85085734461&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-47436-2_13

DO - 10.1007/978-3-030-47436-2_13

M3 - Conference Paper

AN - SCOPUS:85085734461

SN - 9783030474355

T3 - Lecture Notes in Computer Science

SP - 164

EP - 177

BT - Advances in Knowledge Discovery and Data Mining

A2 - Lauw, Hady W.

A2 - Wong, Raymond Chi-Wing

A2 - Lim, Ee-Peng

A2 - Ntoulas, Alexandros

A2 - Ng, See-Kiong

A2 - Pan, Sinno Jialin

PB - Springer

CY - Cham Switzerland

T2 - Pacific-Asia Conference on Knowledge Discovery and Data Mining 2020

Y2 - 11 May 2020 through 14 May 2020

ER -

Nguyen T, Le T, Nguyen K, de Vel O, Montague P, Grundy J et al. Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection. In Lauw HW, Wong RCW, Lim EP, Ntoulas A, Ng SK, Pan SJ, editors, Advances in Knowledge Discovery and Data Mining: 24th Pacific-Asia Conference, PAKDD 2020 Singapore, May 11–14, 2020 Proceedings, Part II. Cham Switzerland: Springer. 2020. p. 164-177. (Lecture Notes in Computer Science). doi: 10.1007/978-3-030-47436-2_13

Deep Cost-Sensitive Kernel Machine for binary software vulnerability detection

Abstract

Publication series

Conference

Access to Document

Other files and links

Cite this