A systematic review of reinforcement learning (RL) techniques for software vulnerability analysis, with a focus on C/C++ source code and static analysis, has been published. The review, following PRISMA 2020 guidelines, analyzed 21 studies from 2015 to 2026. It found that most research concentrates on fuzzing and guided exploration, with limited work on direct vulnerability detection or statement-level localization. The review also highlighted that static code representations like Control Flow Graphs (CFGs) and Abstract Syntax Trees (ASTs) are underutilized as agent states, and current benchmarks lack comparability. AI
IMPACT Highlights underutilization of static code representations in RL for vulnerability detection, suggesting a research gap.
RANK_REASON The cluster contains a systematic review paper published on arXiv. [lever_c_demoted from research: ic=1 ai=1.0]
- Abstract Syntax Trees
- Carola Figueroa Flores
- C Cpp Programming Languages
- Control Flow Graphs
- reinforcement learning
- Software Vulnerability Analysis and Discovery Using Machine-Learning and Data-Mining Techniques: A Survey
- static program analysis
AI-generated summary · Google Gemini · from 1 sources. How we write summaries →