Due to the constant and growing demands of users, as well as their ever-changing needs, Android applications are being rapidly released and updated. However, in the rush to develop these apps, the focus may be more on functionality rather than security and identifying vulnerabilities in the source code. This is partly because there are not enough automated mechanisms available to assist app developers in mitigating these vulnerabilities.
To address this issue, an AI-powered plugin called Android Code Vulnerability Early Detection (ACVED) can be integrated with Android Studio to provide real-time support for mitigating source code vulnerabilities. As you work on a specific source code line, the plugin can provide the vulnerability status for that line.
ACVED has a highly accurate and efficient ensemble learning model running in the backend, which can detect source code vulnerabilities and their CWE categories with a 95% accuracy rate. Additionally, explainable AI techniques are employed to provide source code vulnerability prediction probabilities for each word.
The model is regularly updated with new training data from the LVDAndro dataset, which allows for the detection of novel vulnerabilities using the ACVED plugin.
If you are using this plugin or model in your research work, please cite as: Senanayake, J., Kalutarage, H., Al-Kadri, M.O., Petrovski, A., Piras, L. (2023). Android Code Vulnerabilities Early Detection Using AI-Powered ACVED Plugin. In: Atluri, V., Ferrara, A.L. (eds) Data and Applications Security and Privacy XXXVII. DBSec 2023. Lecture Notes in Computer Science, vol 13942. Springer, Cham. https://doi.org/10.1007/978-3-031-37586-6_20
Use ACVED User Guide for all the necessary instructions related to the ACVED plugin installation and usage.


