Developing Hands-on Labs for Source Code Vulnerability Detection with AI

Abstract: As the role of information and communication technologies gradually increases in our lives, source code security becomes a significant issue to protect against malicious attempts Furthermore with the advent of data-driven techniques, there is now a growing interest in leveraging machine learning and natural language processing as a source code assurance method to build trustworthy systems Therefore training our future software developers to write secure source code is in high demand In this thesis we propose a framework including learning modules and hands on labs to guide future IT professionals towards developing secure programming habits and mitigating source code vulnerabilities at the early stages of the software development lifecycle In this thesis our goal is to design learning modules with a set of hands on labs that will introduce students to secure programming practices using source code and log file analysis tools to predict and identify vulnerabilities In a Secure Coding Education framework we will improve students skills and awareness on source code vulnerabilities detection tools and mitigation techniques integrate concepts of source code vulnerabilities from Function API and library level to bad programming habits and practices leverage deep learning NLP and static analysis tools for log file analysis to introduce the root cause of source code vulnerabilities