On the resilience of traditional AI algorithms towards poisoning attacks for vulnerability detection
Articles
Overview
published in
- IET Information Security Journal
publication date
- January 2024
start page
- 1
end page
- 16
full text
International Standard Serial Number (ISSN)
- 1751-8709
Electronic International Standard Serial Number (EISSN)
- 1751-8717
abstract
-
The complexity of implementations and the interconnection of assorted systems and devices facilitates the emergence of vulnerabilities. Detection systems are developed to fight against this security issue, being the use of Artificial Intelligence (AI) a common practice. However, the use of AI is not without its problems, specially those affecting the training phase. This paper tackles this issue by characterizing the resilience against
poisoning attacks using a benchmark for vulnerability detection extracting simple code features while applying traditional AI algorithms. These choices are beneficial for the fast processing of vulnerabilities required in a triage process. The study is carried out in C#, C/C++ and PHP. Results show that the vulnerability detection process is specially affected beyond 20% of false data.
Remarkably, detecting some of the most frequent Common Weakness Enumeration is altered even with lower poison rates. Overall, KNN and SVM are the most resilient in C# and C/C++, while MLP in PHP. Indeed, vulnerability detection in PHP is less affected by attacks, while C# and C/C++ present comparable results.
Classification
subjects
- Computer Science
keywords
- vulnerability detection; poison attack; artificial intelligence; deadcode insertion; label flipping; function renaming