Artificial Intelligence Techniques for Security Vulnerability Prevention

Abstract: Computer security has been a concern for decades and artificial intelligence techniques have been applied to the area for nearly as long. Most of the techniques are being applied to the detection of attacks to running systems, but recent improvements in machine learning (for example, in natural language processing) have enabled the opportunity to process software and specifications to detect vulnerabilities in a system before it is deployed. This paper presents a survey of artificial intelligence techniques (including machine learning) to detect or repair security vulnerabilities before product introduction. In the surveyed papers, techniques are presented for using NLP to analyze requirements documents for security standard completeness, performing neural fuzz testing of software, generating exploits to detect risk, and more. We categorize current techniques into 3 groups: vulnerability detection, vulnerability repair, and specification analysis. Generally, while AI techniques have become quite useful in this area, we show that AI techniques still tend to be limited in scope, providing a collection of tools which can augment but not replace careful system development to reduce vulnerability risks.