Microsoft technology licensing, llc. (20240411666). LOCALIZING VULNERABILITIES IN SOURCE CODE AT A TOKEN-LEVEL
LOCALIZING VULNERABILITIES IN SOURCE CODE AT A TOKEN-LEVEL
Organization Name
microsoft technology licensing, llc.
Inventor(s)
AARON YUE-CHIU Chan of PROVO UT (US)
ANANT GIRISH Kharkar of HUNTERSVILLE NC (US)
YEVHEN Mohylevskyy of REDMOND WA (US)
KALPATHY SITARAMAN Sivaraman of BOTHELL WA (US)
NEELAKANTAN Sundaresan of BELLEVUE WA (US)
ROSHANAK Zilouchian Moghaddam of KIRKLAND WA (US)
LOCALIZING VULNERABILITIES IN SOURCE CODE AT A TOKEN-LEVEL
This abstract first appeared for US patent application 20240411666 titled 'LOCALIZING VULNERABILITIES IN SOURCE CODE AT A TOKEN-LEVEL
Original Abstract Submitted
a vulnerability detection and repair system utilize a classifier model to detect a software vulnerability in a source code snippet and the tokens in the source code snippet attributable to the vulnerability. a large language model is then given the vulnerable source code snippet, its vulnerability type, the vulnerability tokens, and a few-shot examples to determine whether or not the source code snippet includes the identified vulnerability. the few-shot examples include positive and negative samples of the type of vulnerability to guide the large language model towards the correct output.
- Microsoft technology licensing, llc.
- AARON YUE-CHIU Chan of PROVO UT (US)
- ANANT GIRISH Kharkar of HUNTERSVILLE NC (US)
- YEVHEN Mohylevskyy of REDMOND WA (US)
- KALPATHY SITARAMAN Sivaraman of BOTHELL WA (US)
- NEELAKANTAN Sundaresan of BELLEVUE WA (US)
- ROSHANAK Zilouchian Moghaddam of KIRKLAND WA (US)
- G06F11/36
- CPC G06F11/3624