Dr Anjana Wijekoon a.wijekoon1@rgu.ac.uk
Research Fellow B
Reasoning with counterfactual explanations for code vulnerability detection and correction.
Wijekoon, Anjana; Wiratunga, Nirmalie
Authors
Professor Nirmalie Wiratunga n.wiratunga@rgu.ac.uk
Associate Dean for Research
Contributors
Sadiq Sani
Editor
Dr Harsha Kalutarage h.kalutarage@rgu.ac.uk
Editor
Abstract
Counterfactual explanations highlight "actionable knowledge" which helps the end-users to understand how a machine learning outcome could be changed to a more desirable outcome. In code vulnerability detection, understanding these "actionable" corrections can be critical to proactively mitigate security attacks that are caused by known vulnerabilities. In this paper, we present the case-based explainer DisCERN for counterfactual discovery with code data. DisCERN explainer finds counterfactuals to explain the outcomes of black-box vulnerability detection models and highlight actionable corrections to guide the user. DisCERN uses feature relevance explainer knowledge as a proxy to discover potentially vulnerable code statements and then used a novel substitution algorithm based on pattern matching to find corrections from the nearest unlike neighbour. The overall aim of DisCERN is to identify vulnerabilities and correct them with minimal changes necessary. We evaluate DisCERN using the NIST Java SAR dataset to find that DisCERN finds counterfactuals for 96% of the test instances with 13 ~ 14 statement changes in each test instance. Additionally, we present example counterfactuals found using DisCERN to qualitatively evaluate the algorithm.
Citation
WIJEKOON, A. and WIRATUNGA, N. 2021. Reasoning with counterfactual explanations for code vulnerability detection and correction. In Sani, S. and Kalutarage, H. (eds.) AI and cybersecurity 2021: proceedings of the 2021 Workshop on AI and cybersecurity (AI-Cybersec 2021), co-located with the 41st Specialist Group on Artificial Intelligence international conference on artificial intelligence (SGAI 2021), 14 December 2021, [virtual event]. CEUR workshop proceedings, 3125. Aachen: CEUR-WS [online], pages 1-13. Available from: http://ceur-ws.org/Vol-3125/paper1.pdf
| Conference Name | 2021 Workshop on AI and cybersecurity (AI-Cybersec 2021), co-located with the 41st Specialist Group on Artificial Intelligence international conference on artificial intelligence (SGAI 2021) |
|---|---|
| Conference Location | [virtual event] |
| Start Date | Dec 14, 2021 |
| Acceptance Date | Nov 21, 2021 |
| Online Publication Date | Dec 14, 2021 |
| Publication Date | Apr 17, 2022 |
| Deposit Date | May 5, 2022 |
| Publicly Available Date | May 5, 2022 |
| Publisher | CEUR Workshop Proceedings |
| Pages | 1-13 |
| Series Title | CEUR workshop proceedings |
| Series Number | 3125 |
| Series ISSN | 1613-0073 |
| Book Title | AI and cybersecurity 2021 |
| Keywords | Counterfactual explanations; Vulnerability detection; Explainable AI |
| Public URL | https://rgu-repository.worktribe.com/output/1654358 |
| Publisher URL | http://ceur-ws.org/Vol-3125/ |
Files
WIJEKOON 2021 Reasoning with counterfactual (VOR v2)
(3.7 Mb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/4.0/
You might also like
iSee: intelligent sharing of explanation experience of users for users.
(2023)
Conference Proceeding
iSee: demonstration video. [video recording]
(2023)
Digital Artefact
Adapting semantic similarity methods for case-based reasoning in the Cloud.
(2022)
Conference Proceeding
How close is too close? Role of feature attributions in discovering counterfactual explanations.
(2022)
Conference Proceeding
Clinical dialogue transcription error correction using Seq2Seq models.
(2022)
Working Paper
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search