AI-Based Software Vulnerability Detection: A Systematic Literature Review
Samiha Shimmi, Hamed Okhravi, Mona Rahimi

TL;DR
This paper systematically reviews AI-driven software vulnerability detection methods from 2018 to 2023, highlighting prevalent techniques, limitations, and future research directions in cybersecurity.
Contribution
It provides a comprehensive taxonomy of AI-based SVD techniques, analyzes current research trends, and identifies key challenges and emerging opportunities in the field.
Findings
91% of studies use AI-based methods
Graph-based models are most prevalent
Identified limitations include dataset quality and reproducibility
Abstract
Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of software vulnerability detection (SVD) research from 2018 to 2023, offering a comprehensive taxonomy of techniques, feature representations, and embedding methods. Our analysis reveals that 91% of studies use AI-based methods, with graph-based models being the most prevalent. We identify key limitations, including dataset quality, reproducibility, and interpretability, and highlight emerging opportunities in underexplored techniques such as federated learning and quantum neural networks, providing a roadmap for future research.
Taxonomy
Topics: Software Engineering Research · Information and Cyber Security · Advanced Malware Detection Techniques
