Article
Version 1
Preserved in Portico This version is not peer-reviewed
Improving VulRepair’s Perfect Prediction by Leveraging the LION Optimizer
Version 1
: Received: 10 June 2024 / Approved: 11 June 2024 / Online: 12 June 2024 (00:14:09 CEST)
A peer-reviewed article of this Preprint also exists.
Kishiyama, B.; Lee, Y.; Yang, J. Improving VulRepair’s Perfect Prediction by Leveraging the LION Optimizer. Appl. Sci. 2024, 14, 5750. Kishiyama, B.; Lee, Y.; Yang, J. Improving VulRepair’s Perfect Prediction by Leveraging the LION Optimizer. Appl. Sci. 2024, 14, 5750.
Abstract
In many of the current software applications, numerous vulnerabilities may be present.1 Attackers attempt to exploit existing vulnerabilities that lead to security breaches, unauthorized entry,2 data theft, or incapacitation of a computer system. Rather than addressing software or hardware3 vulnerabilities at a later stage, it is better to address them immediately. DevSecOps, when utilized4 in application development, tackles these vulnerabilities at an early stage. AIBughunter is a tool5 that addresses this problem in software and was developed by the ASWM research group to predict,6 classify, and repair software vulnerabilities. AIBughunter integrates LineVul to find vulnerable7 code lines and returns information about the type of vulnerability and its severity to developers.8 It also includes a tool, VulRepair, which detects and repairs vulnerabilities. VulRepair currently9 predicts patches for vulnerable functions at 44%. In order to become truly effective, this number 10 needs to be increased. This study examines VulRepair to see whether the 44% Perfect Prediction 11 can be increased. VulRepair is a T5 based model that uses Natural Language and Programming 12 Languages for pre-training along with Byte Pair Encoding. It outperforms other existing models, 13 such as VRepair and CodeBERT. However, the hyperparameters may not be optimized due to the 14 development of new optimizers. We review a Deep Neural Network (DNN) optimizer developed by 15 Google in 2023. This optimizer called Evolved Sign Momentum (LION) is available in PyTorch. We 16 applied this optimizer to VulRepair and tested its influence on hyperparameters. After adjusting the 17 hyperparameters, we obtained a 56% Perfect Prediction, which exceeds the value of the VulRepair 18 report of 44%. This means that VulRepair can repair more vulnerabilities and avoid more attacks. As 19 far as we know, our approach of utilizing an alternative to AdamW, the standard optimizer, has not 20 been previously applied to enhance VulRepair and similar models. 21
Keywords
VulRepair; T5 transformer; LION Optimizer
Subject
Computer Science and Mathematics, Computer Science
Copyright: This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Comments (0)
We encourage comments and feedback from a broad range of readers. See criteria for comments and our Diversity statement.
Leave a public commentSend a private comment to the author(s)
* All users must log in before leaving a comment