VULGEN: Realistic Vulnerability Generation Via Pattern Mining and Deep Learning

By combining the strengths of state-of-the-art deterministic (pattern-based) approach for vulnerability injection and probabilisitic (deep-learning/DL-based) program transformation approach for injection localization, we present VulGen, which is the first injection-based vulnerability-generation technique that is not limited to a particular class of vulnerabilities. We compare VulGen with several other possible techniques (T5, Graph2Edit, Getafix) for vulnerability generation and show that VulGen outperforms them.

Once the users have Docker installed download the Docker image "vulgen_image.tar.xz"

Then, check the README.md for detailed steps of reproducing the experiments.

Besides, we also provide the simple package of the artifact "vulgen.zip". The raw data of our experiments is also provided in this simple package. However, using it to reproduce the experiments requires the users to set up the enviroments and dependencies, which is not recommanded.