8. Software vulnerability detection using deep learning


Thomas Heinze

The Secure Software Engineering group at the DLR Institute of Data Science investigates and develops concepts and tools to support the development of safe software systems in research institutions such as the DLR. A particular focus is on the validation of development concepts and best practices through intelligent and data-driven analysis of the process data, metadata and artifacts that are generated in modern software development.

What is the data science project’s research question? How to integrate prior knowledge into a deep learning software vulnerability detection system? 

What data will be worked on? The Software Assurance Reference Dataset (SARD) will be used for the project.

What tasks will this project involve? Based on the group’s prior work, implement/extend a deep learning vulnerability detection pipeline.

The next step is to apply an existing method for prior knowledge integration to the system. This may require a redesign of the data set.

Afterwards, extensive experiments are planned to evaluate the setup.

What makes this project interesting to work on? Deep learning techniques deliver outstanding performance in a wide variety of tasks, including the field of software engineering. The student has the opportunity to learn about and contribute to the current state of research in the area of software vulnerability detection.  

What is the expected outcome?  Contribution to software development, Data set

What infrastructure, programs and tools will be used? Can they be used remotely?  For the training of the deep neural networks, we will provide access to our server infrastructure. With regular meetings, discussing goals, progress, and other aspects of the project, remote work will be possible.

What skills are necessary for this project? Data mining / Machine learning, Deep learning, optional: Software Engineering, IT Security

Is the data open source? yes 

Interested candidates should be at Master level. Thomas Heinze is looking for 1 visiting scientist, working on the project with Bernd Gruner (bernd.gruner@dlr.de) as supervisor, with the team.