1
2
3
4
5
6
7
8
write a review of the following results: compare the accuracy between 3 algorithms (GCN, GAT, MLP) with the loss of MLP being the best, then GCN and finally GAT. The patterns begin to converge from the 80th epoch on. The results show that the use of GNN algorithms to classify network traffic is also quite effective. With GCN accuracy of 92.2%, GAT accuracy of 91.12% and MLP of 79.5%

write a review of the following results: compare the loss value between 3 algorithms (GCN, GAT, MLP) with the loss of MLP being the best, then GCN and finally GAT. The patterns begin to converge from the 80th epoch on.

Write an evaluation of the following results: comparison of model training time of 3 algorithms GCN, GAT and MLP. In which, the training time of the GCN model is the lowest, and for the GAT algorithm, the training time is the longest.

write discussion that the use of GNN algorithms for traffic data classification has an impact on QoS in satellite communication. For satellite communications, the quality of experience (QoE) may be interpreted as the customer-perceived latency and information loss during real-time conversations. Since that reducing information loss and delays is significant connected with enhancing QoS, the QoE may be enhanced.

1
2
3
4
5
+ làm sao để ref bài báo hiện tại [references]
+ làm sao để viết related work từ bài báo này. [viết ở phần related work]
+ tóm tắt gọn các đóng góp của bài báo [để hiểu đóng góp chính của bài báo]
+ methods của bài báo họ thực hiện thế nào? [có thể triển khai được không? hay cải tiến các kiểu]

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
Paper: AutoVAS: An automated vulnerability analysis system with a deep learning approach

Common Vulnerabilities and Exposures (CVE) Database
(Cơ sở dữ liệu về các lỗ hổng và phơi nhiễm phổ biến - CVE)

Categorization of CVE Based on Vulnerability Software By Using Machine Learning Techniques

[Phân loại CVE dựa trên phần mềm dễ bị tổn thương bằng cách sử dụng các kỹ thuật học máy].


1. Dataset (What data has been used in this paper)

The paper has used datasets from various projects in the National Vulnerability Database (NVD) and Software Assurance Reference Database (SARD) to represent source code as embedding vectors for the proposed deep learning-based automated vulnerability analysis system (AutoVAS). 
The labeled dataset was prepared using the synthetic minority oversampling technique to balance the imbalanced dataset. Three algorithms, SMOTE, Modified-SMOTE, and SMOTEENN, were compared, and SMOTEENN was applied in this work as it showed the best performance.

2. Result of paper (Results of the paper)

The paper proposes a deep learning-based automated vulnerability analysis system (AutoVAS) that effectively represents source code as embedding vectors. 
The proposed system was evaluated using a dataset for deep learning models, and the experimental results show that AutoVAS achieves a false negative rate (FNR) of 3.62%, a false positive rate (FPR) of 1.88%, and an F1-score of 96.11%, which represent lower FNR and FPR values 
than those achieved by other approaches. The system was further applied to nine open-source projects and detected eleven vulnerabilities, most of which were missed by the other approaches experimented with. 
Notably, the system discovered three zero-day vulnerabilities, two of which were patched after being informed by AutoVAS. The other vulnerability received the Common Vulnerabilities and Exposures (CVE) ID after being detected by AutoVAS.

3. Find Related papers (Find Related papers)

4. Conclusion from the paper

The paper presents AutoVAS, an automated vulnerability analysis system based on a deep-learning approach, which aims to relieve human intervention and improve other vulnerability detection systems' low performance. 
The proposed system was evaluated using a dataset for deep learning models, and the experimental results show that AutoVAS achieves a lower false negative rate (FNR) and false positive rate (FPR) values than those achieved by other approaches. 
The system was further applied to nine open-source projects and detected eleven vulnerabilities, most of which were missed by the other approaches experimented with. 
Notably, the system discovered three zero-day vulnerabilities, two of which were patched after being informed by AutoVAS. The other vulnerability received the Common Vulnerabilities and Exposures (CVE) ID after being detected by AutoVAS. 
The study mitigates the impact of OoV and the lack of vulnerability dataset issues. The optimal method for representing source code as input vectors in a deep learning model was proposed from the viewpoints of program slicing and embedding techniques.


5. Literature survey of this paper

The paper includes a literature review section that discusses vulnerability detection, program slicing, and word embedding methods used to make the embedding vector an input of the deep learning model. 
The study also introduces terminologies to facilitate the understanding of the research and addresses the threat model and assumptions of the research. 
However, the paper does not provide an extensive literature survey of previous works in the field of automated vulnerability analysis systems with a deep learning approach.


6. Methods used in this paper
The paper proposes a deep learning-based automated vulnerability analysis system called AutoVAS, which represents source code as embedding vectors using datasets from various projects in the National Vulnerability Database (NVD) and 
Software Assurance Reference Database (SARD). The AutoVAS process is divided into a training phase to learn the detection model and a detection phase that uses the trained model to detect vulnerable code. 
The training and detection phases use the same embedding process for the input data in the model after preprocessing the source code, except for the activities of model learning and detection. 
The paper also presents a dataset for deep learning models to evaluate AutoVAS. The experimental results show that AutoVAS achieves a lower false negative rate (FNR) and false positive rate (FPR) values than those achieved by other approaches. 
The study mitigates the impact of OoV and the lack of vulnerability dataset issues. The optimal method for representing source code as input vectors in a deep learning model was proposed from the viewpoints of program slicing and embedding techniques.