AI fixes security flaws – KTH wins prestigious award
Can AI fix security flaws before hackers strike? KTH researchers say yes—and their breakthrough won the Best Paper Award 2023 from IEEE Transactions on Software Engineering. By using AI to automate security fixes, their work could transform cybersecurity.
A research paper co-authored by KTH Professor Martin Monperrus, alongside Zimin Chen and Steve Kommrusch, has been awarded the Best Paper Award 2023 by the prestigious IEEE Transactions on Software Engineering. Their work, titled "Neural Transfer Learning for Repairing Security Vulnerabilities in C Code", presents an innovative approach to automating security fixes using machine learning.
A breakthrough in Automated Security Fixes
One of the biggest challenges in applying deep learning to software security is the lack of large datasets for training models to fix vulnerabilities.
"The key challenge addressed in this paper was the small size of vulnerability fix datasets, which are insufficient for training deep learning models," explains Monperrus.
To overcome this, the research team used transfer learning. The VRepair model was first trained on a large dataset of general bug fixes before being fine-tuned on specific vulnerability fixes. The method allowed the model to transfer knowledge from bug fixing to security fixing, significantly improving effectiveness.
Making software more secure
The impact of this research is clear: faster and more reliable security fixes.
"This work can enhance software security by providing an automated method for fixing vulnerabilities, which is currently time-consuming," says Monperrus.
Additionally, this AI-driven method lightens the workload for security experts, allowing them to focus on verification rather than manual patch creation.
"It reduces the burden on human experts, enabling them to focus on verification instead of manual patch creation," he adds.
Recognising excellence in Software Engineering
The IEEE Transactions on Software Engineering is one of the leading journals in the field, and its Best Paper Award is given annually to research that demonstrates technical depth, originality, and long-term impact. With the growing role of AI in cybersecurity and software engineering, this award is paving the way for more automated and efficient software security solutions.
Read more: Best Paper Award Winners – IEEE Transactions on Software Engineering
Related news
AI fixes security flaws – KTH wins prestigious award
Can AI fix security flaws before hackers strike? KTH researchers say yes—and their breakthrough won the Best Paper Award 2023 from IEEE Transactions on Software Engineering. By using AI to automate se...
Read the article
How to stop cyber-attacks with honeypots
In the ever-evolving landscape of cyber warfare, defending against human-controlled cyberattacks requires innovative strategies. A recent study conducted by students at KTH delves into the realm of cy...
Read the article
Cybercampus Sverige inaugurated
On 7 February, Cybercampus Sverige was formally launched at a ceremony at the new headquarters in Stockholm, with Minister for Civil Defence Carl-Oskar Bohlin and Minister for Education Mats Persson i...
Read the article