DCCS Program
For more details please refer to the individual workshop page.
Wednesday, October 11th
Keynote
Speaker: Yulei Sui, School of Computer Science and Engineering, University of New South Wales (UNSW)
Title: Path-Sensitive Code Embedding for Software Vulnerability Detection
Machine learning and its promising branch deep learning have shown success in a wide range of application domains. Recently, much effort has been expended on applying deep learning techniques (e.g., graph neural networks) to static vulnerability detection as an alternative to conventional bug detection methods. To obtain the structural information of code, current learning approaches typically abstract a program in the form of graphs (e.g., data-flow graphs, abstract syntax trees), and then train an underlying classification model based on the (sub)graphs of safe and vulnerable code fragments for vulnerability prediction. However, these models are still insufficient for precise bug detection, because the objective of these models is to produce classification results rather than comprehending the semantics of vulnerabilities, e.g., pinpoint bug triggering paths, which are essential for static bug detection. In this talk, I will present a selective yet precise contrastive value-flow embedding approach to statically detect software vulnerabilities. The novelty of ContraFlow lies in selecting and preserving feasible value-flow (aka program dependence) paths through a pretrained path embedding model using self-supervised contrastive learning, thus significantly reducing the amount of labeled data required for training expensive downstream models for path-based vulnerability detection.
Yulei Sui is an Associate Professor at School of Computer Science and Engineering, University of New South Wales (UNSW). He is broadly interested in Program Analysis, Secure Software Engineering and Machine Learning. In particular, his research focuses on building open-source frameworks for static analysis and verification techniques to improve the reliability and security of modern software systems. His recent interest lies at the intersection of programming languages, natural languages and machine learning. Specifically, his current research projects include secure machine learning, software analysis and verification for bug detection through data mining and deep learning.
His papers have been published in the top-tier conferences and journals in the field of program analysis and software engineering such as PLDI, OOPSLA, ASPLOS, TSE, TOSEM, ICSE, FSE, ISSTA, ASE, ECOOP, SAS, CGO and CC. He was a plenary talk speaker at EuroLLVM 2016, and has been awarded a 2022 OOPSLA Distinguished Artifact Award, a 2021 ICSE Distinguished Reviewer, 2020 OOPSLA Distinguished Paper, a 2019 SAS Best Paper, a 2018 ICSE Distinguished Paper, a 2013 CGO Best Paper, JSPS Invitational Fellowship (2022), ARC Discovery Early Career Researcher Award (2017-2019) and ARC Future Fellowship (2023-2026).
Program
(9:00 - 10:00) [Keynote] Path-Sensitive Code Embedding for Software Vulnerability Detection
Yulei Sui
(10:00 - 10:30) Coffee Break
(10:30 - 10:45) Software Reliability Prediction via Neural Network
Wataru Zama and Xiao Xiao
(10:45 - 11:00) Towards Predicting Source Code Changes Based on Natural Language Processing Models: An Empirical Evaluation
Yuto Kaibe, Hiroyuki Okamura, and Tadashi Dohi
(11:00 - 11:15) Formalization and Verification of the ICC Mechanism in Android System Using CSP
Yixiao Lv, Jiaqi Yin, Sini Chen, and Huibiao Zhu
(11:15 - 11:30) Semantics-Based, Automated Preparation of Exploratory Data Analysis for Complex Systems
Noor Al-Gburi, Imre Kocsis, and Attila Klenik