Artificial Intelligence Techniques for Security Vulnerability Prevention

TL;DR

This paper surveys artificial intelligence methods, including machine learning and NLP, for detecting and repairing security vulnerabilities in software before deployment, highlighting current capabilities and limitations.

Contribution

It categorizes AI techniques into vulnerability detection, repair, and specification analysis, providing a comprehensive overview of their applications in security vulnerability prevention.

Findings

AI techniques are useful but limited in scope.

AI tools can augment, not replace, careful system development.

Survey covers NLP, neural fuzz testing, and exploit generation.

Abstract

Computer security has been a concern for decades and artificial intelligence techniques have been applied to the area for nearly as long. Most of the techniques are being applied to the detection of attacks to running systems, but recent improvements in machine learning (for example, in natural language processing) have enabled the opportunity to process software and specifications to detect vulnerabilities in a system before it is deployed. This paper presents a survey of artificial intelligence techniques (including machine learning) to detect or repair security vulnerabilities before product introduction. In the surveyed papers, techniques are presented for using NLP to analyze requirements documents for security standard completeness, performing neural fuzz testing of software, generating exploits to detect risk, and more. We categorize current techniques into 3 groups: vulnerability detection, vulnerability repair, and specification analysis. Generally, while AI techniques have become quite useful in this area, we show that AI techniques still tend to be limited in scope, providing a collection of tools which can augment but not replace careful system development to reduce vulnerability risks.