Towards a Prototype Based Explainable JavaScript Vulnerability Prediction Model

Abstract

Security has become a central and unavoidable aspect of today’s software development. Practitioners and researchers have proposed many code analysis tools and techniques to mitigate security risks. These tools apply static and dynamic analysis or, more recently, machine learning. Machine learning models can achieve impressive results in finding and forecasting possible security issues in programs. However, most of the current approaches fall short of developer demands in at least two areas: explainability and granularity of predictions. In this paper, we propose a novel and simple yet promising approach to identify potentially vulnerable source code in JavaScript programs. The model improves the state-of-the-art in terms of explainability and prediction granularity, as it gives results at the level of individual source code lines, which is fine-grained enough for developers to take immediate action. Additionally, the model explains each predicted line (i.e., provides the most similar vulnerable line from the training set) using a prototype-based approach. In a study of 186 real-world and confirmed JavaScript vulnerability fixes from 91 projects, the approach could flag 60 of the known vulnerable lines on average by marking only 10% of the code base, but in particular cases the model identified 100% of the vulnerable code lines while flagging only 8.72% of the code base.

Publication
Proceedings of the 1st International Conference on Code Quality (ICCQ 2021), Pages 15–25

BibTeX:

@InProceedings{MVA21,
    author    = {Mosolygó, Balázs and Vándor, Norbert and Antal, Gábor and Hegedűs, Péter and Ferenc, Rudolf},
    booktitle = {Proceedings of the 1st International Conference on Code Quality (ICCQ 2021)},
    title     = {Towards a Prototype Based Explainable JavaScript Vulnerability Prediction Model},
    year      = {2021},
    month     = mar,
    pages     = {15--25},
    doi       = {10.1109/ICCQ51190.2021.9392984},
    url       = {https://ieeexplore.ieee.org/document/9392984},
}