
UntrustVul: An Automated Approach for Identifying Untrustworthy Alerts in Vulnerability Detection Models

IEEE, indexed 2026-04-17
Download link:
https://ieee-dataport.org/documents/untrustvul-automated-approach-identifying-untrustworthy-alerts-vulnerability-detection
Resource description:
Machine learning (ML) has shown promising results in detecting software vulnerabilities. However, ML detectors are not guaranteed to make predictions based on the right indicators. Studies have revealed that they can rely on irrelevant code features, such as identifiers or function signatures, particularly those that commonly appear in vulnerable code, yet are not related to the actual vulnerabilities. Therefore, effectively using these detectors in practice typically involves identifying the specific lines of code that the detectors depend on for their predictions and flag as suspicious. Developers then must determine whether the predictions are genuinely suspicious, which is time-consuming and error-prone. If the suspicious lines identified by these detectors are wrong, developers may be misled, spend unnecessary effort, or even reach incorrect patching strategies. Determining whether a few lines of code genuinely indicate vulnerabilities can be as complex as vulnerability detection. This highlights the need for automated approaches to identify untrustworthy vulnerability predictions. In this paper, we introduce a new approach for identifying untrustworthy vulnerability predictions. Specifically, we focus on cases where the model highlights suspicious lines that would not appear in reliable predictions, which are lines that are inherently non-vulnerable and unrelated to any actual vulnerabilities. We refer to these as vulnerability-irrelevant lines. To achieve this goal, we develop UntrustVul, which leverages patterns of vulnerable lines that have been observed in historical data to automatically label untrustworthy predictions. A line is deemed vulnerability-irrelevant if ① it does not match any of the known patterns of historical vulnerabilities, and ② all its successors in the data and control dependency graph are also vulnerability-irrelevant.
Intuitively, a vulnerability-irrelevant line shows a low similarity to known vulnerabilities and does not have dependency paths to any lines outside the vulnerability-irrelevant category. Notably, these rules are designed to be conservative, as mislabeling a trustworthy vulnerability prediction as untrustworthy is also undesirable. We evaluate UntrustVul on 115K vulnerability predictions made by four models across the BigVul, MegaVul, SARD, and PrimeVul datasets, with ground-truth trustworthiness labeled based on the overlap between actual denoised vulnerable lines and model-annotated suspicious lines. UntrustVul effectively detects untrustworthy predictions with an AUC of 70%–88% and an F1-score of 82%–94%, outperforming existing approaches by 6%–59% in AUC and 13%–92% in F1-score.
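The two labeling rules above (no match against historical vulnerability patterns, and all dependency-graph successors also vulnerability-irrelevant) define a greatest fixed point: a line is vulnerability-relevant exactly when it matches a pattern or has a dependency path to a line that does. The following is an added illustration written for this page, not UntrustVul's own code or the dataset's tooling; the toy C function, its dependency edges, the three regex "historical patterns", and the prediction-level rule (flag an alert only when every highlighted line is vulnerability-irrelevant) are all constructed assumptions, since the abstract does not give the exact pattern representation or the aggregation rule. It computes the per-line labels by backward reachability over the dependency graph, which also handles cycles correctly where naive recursion on "all successors" would not terminate.

```python
import re
from collections import deque

# Constructed sample program: line number -> statement (not taken from any dataset).
SAMPLE_LINES = {
    1: "int len = strlen(src);",
    2: "char buf[64];",
    3: "if (len > 0) {",
    4: "    strcpy(buf, src);",
    5: "}",
    6: 'log_debug("copied");',
    7: "return 0;",
}

# Constructed data/control dependency graph: line -> set of successor lines
# (lines that data- or control-depend on it). Lines absent here have no successors.
SAMPLE_DEPS = {
    1: {3},       # len flows into the condition
    2: {4},       # buf is used by the copy
    3: {4},       # the copy is control-dependent on the if
}

# Hypothetical stand-in for "patterns of vulnerable lines observed in historical
# data": here simply regexes over the statement text.
SAMPLE_PATTERNS = [r"\bstrcpy\s*\(", r"\bgets\s*\(", r"\bsprintf\s*\("]


def matches_pattern(stmt, patterns):
    """Rule ①: does this line resemble a known historical vulnerability pattern?"""
    return any(re.search(p, stmt) for p in patterns)


def vulnerability_irrelevant_lines(lines, deps, patterns):
    """Return the set of lines that are vulnerability-irrelevant under rules ① and ②.

    Rule ② ("all successors are irrelevant") is evaluated as its complement:
    a line is relevant iff it matches a pattern or can reach a matching line
    via successor edges. Backward BFS from the matched lines over reversed
    edges computes exactly that reachable set, cycles included.
    """
    matched = {ln for ln, stmt in lines.items() if matches_pattern(stmt, patterns)}

    # Build predecessor map (reverse edges) so we can walk backwards.
    preds = {ln: set() for ln in lines}
    for src, succs in deps.items():
        for dst in succs:
            preds.setdefault(dst, set()).add(src)

    relevant = set(matched)
    queue = deque(matched)
    while queue:
        ln = queue.popleft()
        for p in preds.get(ln, ()):
            if p not in relevant:
                relevant.add(p)
                queue.append(p)

    return set(lines) - relevant


def assess_prediction(suspicious_lines, irrelevant):
    """Decide whether a model's highlighted lines make the alert untrustworthy.

    Assumed aggregation (not specified in the abstract): the alert is labeled
    untrustworthy only when every highlighted line is vulnerability-irrelevant,
    which keeps the rule conservative as the paper requires.
    """
    suspicious = set(suspicious_lines)
    if not suspicious:
        return {"irrelevant_fraction": 0.0, "untrustworthy": False}
    irrelevant_hits = suspicious & irrelevant
    fraction = len(irrelevant_hits) / len(suspicious)
    return {"irrelevant_fraction": fraction, "untrustworthy": fraction == 1.0}


if __name__ == "__main__":
    irr = vulnerability_irrelevant_lines(SAMPLE_LINES, SAMPLE_DEPS, SAMPLE_PATTERNS)
    print("vulnerability-irrelevant lines:", sorted(irr))          # [5, 6, 7]
    print("alert on {6, 7}:", assess_prediction({6, 7}, irr))      # untrustworthy
    print("alert on {2, 4}:", assess_prediction({2, 4}, irr))      # trustworthy
```

In the constructed sample, only line 4 matches a pattern; lines 1, 2 and 3 are kept relevant because they have dependency paths into it, while the closing brace, the log call and the return have no path to any matched line and are labeled irrelevant. A model that highlights only lines 6 and 7 is therefore flagged, whereas one that highlights lines 2 and 4 is not.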
Provided by:
Lam Nguyen Tung