Developing a History Based Vulnerability Fixer by Leveraging Developer Anomalies

Current work on program repair has not thoroughly addressed the actual debugging of vulnerabilities. The main objective of this pillar is, therefore, to investigate to what extent automated program repair approaches can be applied to repair vulnerabilities automatically. In this context, because vulnerabilities recur across projects, the associated similar patches can be leveraged to extract generic fix actions. We thus hypothesize that similar vulnerabilities may be patched with similar strategies. Our work therefore aims at understanding the gaps in state-of-the-art program repair approaches with respect to fixing vulnerabilities. Concretely, we will explore state-of-the-art program repair approaches and learn patterns by capturing the context and the semantic properties, in order to identify recurrent fix patterns for common security vulnerabilities.
