Finding Security Exploits Using Artificial Intelligence
Yam Peleg
- Audience level:
- Experienced
Description
The following poster presents an algorithm designed to detect security exploits (Especially malicious memory access) in source code files. The concept combines several aspects of computer science such as lexical analysis and artificial intelligence and uses those to detect vulnerabilities that might be exploited in the future.
Abstract
The following research is about using Neural Networks to identify risky areas of software code (sources. Not a compiled binary) that might be exploited in the future. It includes the use of vulnerable files from CVE Details (www.cvedetails.com) as an example of a risky code.
The algorithm developed breaks the files into several logic blocks that served as a training set for the network using known concepts of lexical analysis suck as tokenization and sub tokenization And for the correct desired outcome it uses the CVSS score of the file.
After some training of the network the algorithm produced some interesting results. And was then tested on specifically written risky code.
Sponsors
Gold
Institutional
Silver
Bronze
Partner
