Vulnerability detection under poisoning attacks through code and token features

Vulnerability detection under poisoning attacks through code and token features | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Vulnerability detection under poisoning attacks through code and token features Lorena González-Manzano, Joaquin Garcia-Alfaro This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-4355876/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract The complexity of implementations and the interconnection of assorted systems and devices facilitates the emergence of vulnerabilities. Detection systems are developed to fight against this security issue, being the use of Artificial Intelligence (AI) a common practice. However, the use of AI is not without its problems, specially those affecting the training phase. This paper tackles this issue following a two-fold approach. First, an AI-based vulnerability detection system based on code and token metrics, dubbed VulCoT, is developed. It reaches state-of-the-art performance while being suitable for C#, C/C++ and PHP. Second, the impact of poisoning attacks on VulCoT is analysed. Results show that VulCoT is specially affected beyond 20% of false data. Remarkably, detecting some of the most frequent Common Weakness Enumeration is altered even with lower poison rates. Overall, KNN and SVM are more appropriate for system protection in C# and C/C++, while MLP in PHP. Indeed, PHP is the language which is less affected by attacks, while C# and C/C++ present comparable results. Vulnerability detection poison attack artificial intelligence deadcode insertion label flipping function renaming Full Text Additional Declarations No competing interests reported. Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-4355876","acceptedTermsAndConditions":true,"allowDirectSubmit":true,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":298304454,"identity":"36319b37-8825-4989-8260-fdcc1230e8cd","order_by":0,"name":"Lorena González-Manzano","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAA6klEQVRIiWNgGAWjYBACPhiDn5mB4QOQtiOohQ3GkGxmYJwBpJOJ12JwAKKFsYGgFv7ViZ8L/tjlGR/nPdjA2GbHrNvAfPgDXi0SbzdLz+BJLjY7zJcI1JLMZ3aALU0Cv5azG6R5JJgTtx3mMX/A2HaA2ewAjxl+h0mc3fybx6A+cXMzjyHQlgOM2w7wf8bvMP7ebdI8CYcTNzDDtfAwEHAY7zZrngPHE2ccBmpJOJecbHaYzQyvFn7+s5tv8/ypTuzvP2PY8KHMzs7sePNjvA5jkEhA4oDZzHjVg6w5QEjFKBgFo2AUjHgAAK81RZJmYi5BAAAAAElFTkSuQmCC","orcid":"","institution":"Carlos III University of Madrid","correspondingAuthor":true,"prefix":"","firstName":"Lorena","middleName":"","lastName":"González-Manzano","suffix":""},{"id":298304456,"identity":"e3c99589-acc3-4d29-bd0f-a508b68780c7","order_by":1,"name":"Joaquin Garcia-Alfaro","email":"","orcid":"","institution":"Institut Polytechnique de Paris","correspondingAuthor":false,"prefix":"","firstName":"Joaquin","middleName":"","lastName":"Garcia-Alfaro","suffix":""}],"badges":[],"createdAt":"2024-05-01 20:24:12","currentVersionCode":1,"declarations":"","doi":"10.21203/rs.3.rs-4355876/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-4355876/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":59622232,"identity":"bf32ad18-8bfb-4acd-88e1-3fb4c173b7b7","added_by":"auto","created_at":"2024-07-04 02:37:18","extension":"pdf","order_by":1,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":655856,"visible":true,"origin":"","legend":"","description":"","filename":"VulCoTEURASIP.pdf","url":"https://assets-eu.researchsquare.com/files/rs-4355876/v1_covered_0ae753dc-9607-4252-9eeb-3afe0f84a3b8.pdf"}],"financialInterests":"No competing interests reported.","formattedTitle":"Vulnerability detection under poisoning attacks through code and token features","fulltext":[],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":false,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":false,"hideJournal":true,"highlight":"","institution":"","isAcceptedByJournal":false,"isAuthorSuppliedPdf":true,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":true,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true},"keywords":"Vulnerability detection, poison attack, artificial intelligence, deadcode insertion, label flipping, function renaming","lastPublishedDoi":"10.21203/rs.3.rs-4355876/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-4355876/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"The complexity of implementations and the interconnection of assorted systems and devices facilitates the emergence of vulnerabilities. Detection systems are developed to fight against this security issue, being the use of Artificial Intelligence (AI) a common practice. However, the use of AI is not without its problems, specially those affecting the training phase. This paper tackles this issue following a two-fold approach. First, an AI-based vulnerability detection system based on code and token metrics, dubbed VulCoT, is developed. It reaches state-of-the-art performance while being suitable for C#, C/C++ and PHP. Second, the impact of poisoning attacks on VulCoT is analysed. Results show that VulCoT is specially affected beyond 20% of false data. Remarkably, detecting some of the most frequent Common Weakness Enumeration is altered even with lower poison rates. Overall, KNN and SVM are more appropriate for system protection in C# and C/C++, while MLP in PHP. Indeed, PHP is the language which is less affected by attacks, while C# and C/C++ present comparable results.","manuscriptTitle":"Vulnerability detection under poisoning attacks through code and token features","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2024-05-09 02:39:56","doi":"10.21203/rs.3.rs-4355876/v1","editorialEvents":[{"type":"communityComments","content":0}],"status":"published","journal":{"display":true,"email":"[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"9c8af4cc-b3c2-4b7f-96c1-b3f06bae8c00","owner":[],"postedDate":"May 9th, 2024","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"posted","subjectAreas":[],"tags":[],"updatedAt":"2024-07-04T02:29:10+00:00","versionOfRecord":[],"versionCreatedAt":"2024-05-09 02:39:56","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-4355876","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-4355876","identity":"rs-4355876","version":["v1"]},"buildId":"8U1c8b4HqxoKbykW_rLl7","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}