TY - GEN
T1 - Enhancing Automated Vulnerability Repair Through Dependency Embedding and Pattern Store
AU - Dong, Qingao
AU - Lin, Yuanzhang
AU - Sun, Hailong
AU - Gao, Xiang
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - In recent years, the proliferation of software vulnerabilities has significantly increased the complexities and costs associated with manual remediation efforts. Although AI-based methods for automated vulnerability repair are gaining traction, many existing approaches have two limitations: 1) they treat code as a sequence of tokens, neglecting critical structural information like control flow and data flow, and 2) they do not fully utilize the repair patterns of vulnerabilities. To address these limitations, we introduce FAVOR, an innovative tool that utilizes both the vulnerable function's code and its control flow graph (CFG) as inputs. FAVOR incorporates a dependency embedding module to capture structural and dependency information and leverages CodeT5, a state-of-the-art model pre-trained for code generation tasks. To further enhance the repair process, we introduce a pattern store that uses KNN search to retrieve similar past repair patterns, which helps guide the model toward generating more contextually accurate patches. In our experiments, FAVOR, trained on a dataset of 6548 faulty C/C++ functions, repaired 45 more vulnerabilities compared to VULREPAIR, demonstrating improved accuracy and efficiency in automated vulnerability repair.
AB - In recent years, the proliferation of software vulnerabilities has significantly increased the complexities and costs associated with manual remediation efforts. Although AI-based methods for automated vulnerability repair are gaining traction, many existing approaches have two limitations: 1) they treat code as a sequence of tokens, neglecting critical structural information like control flow and data flow, and 2) they do not fully utilize the repair patterns of vulnerabilities. To address these limitations, we introduce FAVOR, an innovative tool that utilizes both the vulnerable function's code and its control flow graph (CFG) as inputs. FAVOR incorporates a dependency embedding module to capture structural and dependency information and leverages CodeT5, a state-of-the-art model pre-trained for code generation tasks. To further enhance the repair process, we introduce a pattern store that uses KNN search to retrieve similar past repair patterns, which helps guide the model toward generating more contextually accurate patches. In our experiments, FAVOR, trained on a dataset of 6548 faulty C/C++ functions, repaired 45 more vulnerabilities compared to VULREPAIR, demonstrating improved accuracy and efficiency in automated vulnerability repair.
KW - Automatic Program Repair
KW - Automatic Vulnerability Repair
KW - Dependency Embedding
KW - Software Vulnerability
UR - https://www.scopus.com/pages/publications/105007304866
U2 - 10.1109/SANER64311.2025.00026
DO - 10.1109/SANER64311.2025.00026
M3 - Conference contribution
AN - SCOPUS:105007304866
T3 - Proceedings - 2025 IEEE International Conference on Software Analysis, Evolution and Reengineering, SANER 2025
SP - 193
EP - 204
BT - Proceedings - 2025 IEEE International Conference on Software Analysis, Evolution and Reengineering, SANER 2025
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 32nd IEEE International Conference on Software Analysis, Evolution and Reengineering, SANER 2025
Y2 - 4 March 2025 through 7 March 2025
ER -