On the resilience of traditional AI algorithms towards poisoning attacks for vulnerability detection Articles uri icon

publication date

  • January 2024

start page

  • 1

end page

  • 16

International Standard Serial Number (ISSN)

  • 1751-8709

Electronic International Standard Serial Number (EISSN)

  • 1751-8717

abstract

  • The complexity of implementations and the interconnection of assorted systems and devices facilitates the emergence of vulnerabilities. Detection systems are developed to fight against this security issue, being the use of Artificial Intelligence (AI) a common practice. However, the use of AI is not without its problems, specially those affecting the training phase. This paper tackles this issue by characterizing the resilience against
    poisoning attacks using a benchmark for vulnerability detection extracting simple code features while applying traditional AI algorithms. These choices are beneficial for the fast processing of vulnerabilities required in a triage process. The study is carried out in C#, C/C++ and PHP. Results show that the vulnerability detection process is specially affected beyond 20% of false data.
    Remarkably, detecting some of the most frequent Common Weakness Enumeration is altered even with lower poison rates. Overall, KNN and SVM are the most resilient in C# and C/C++, while MLP in PHP. Indeed, vulnerability detection in PHP is less affected by attacks, while C# and C/C++ present comparable results.

subjects

  • Computer Science

keywords

  • vulnerability detection; poison attack; artificial intelligence; deadcode insertion; label flipping; function renaming