Show simple item record

dc.contributor.advisorXi, Hongweien_US
dc.contributor.authorKosta, Leonard Raymonden_US
dc.date.accessioned2019-08-15T13:19:50Z
dc.date.available2019-08-15T13:19:50Z
dc.date.issued2019
dc.identifier.urihttps://hdl.handle.net/2144/37102
dc.description.abstractThe ability to automatically detect and repair vulnerabilities in code before deployment has become the subject of increasing attention. Some approaches to this problem rely on machine learning techniques, however the lack of datasets–code samples labeled as containing a vulnerability or not–presents a barrier to performance. We design and implement a deep neural network based on the recently developed Grammar Variational Autoencoder (VAE) architecture to generate an arbitrary number of unique C functions labeled in the aforementioned manner. We make several improvements on the original Grammar VAE: we guarantee that every vector in the neural network’s latent space decodes to a syntactically valid C function; we extend the Grammar VAE into a context-sensitive environment; and we implement a semantic repair algorithm that transforms syntactically valid C functions into fully semantically valid C functions that compile and execute. Users can control the semantic qualities of output functions with our constraint system. Our constraints allow users to modify the return type, change control flow structures, inject vulnerabilities into generated code, and more. We demonstrate the advantages of our model over other program synthesis models targeting similar applications. We also explore alternative applications for our model, including code plagiarism detection and compiler fuzzing, testing, and optimization.en_US
dc.language.isoen_US
dc.subjectComputer scienceen_US
dc.subjectGrammaren_US
dc.subjectNeural networken_US
dc.subjectVulnerabilityen_US
dc.titleProgram synthesis and vulnerability injection using a Grammar VAEen_US
dc.typeThesis/Dissertationen_US
dc.date.updated2019-08-09T16:03:47Z
etd.degree.nameMaster of Scienceen_US
etd.degree.levelmastersen_US
etd.degree.disciplineComputer Scienceen_US
etd.degree.grantorBoston Universityen_US


This item appears in the following Collection(s)

Show simple item record