International Journal of Computer
Trends and Technology

Research Article | Open Access | Download PDF
Volume 74 | Issue 6 | Year 2026 | Article Id. IJCTT-V74I6P101 | DOI : https://doi.org/10.14445/22312803/IJCTT-V74I6P101

Semantic Transformer-Based Detection of Security Misconfigurations in Network Configuration Infrastructure-as-Code


Lakshmi Harika Akkireddy, Naga Satya Praveen Kumar Yadati, Vijayakumar Venganti

Received Revised Accepted Published
18 Apr 2026 22 May 2026 10 Jun 2026 29 Jun 2026

Citation :

Lakshmi Harika Akkireddy, Naga Satya Praveen Kumar Yadati, Vijayakumar Venganti, "Semantic Transformer-Based Detection of Security Misconfigurations in Network Configuration Infrastructure-as-Code," International Journal of Computer Trends and Technology (IJCTT), vol. 74, no. 6, pp. 1-11, 2026. Crossref, https://doi.org/10.14445/22312803/IJCTT-V74I6P101

Abstract

Network configuration infrastructure misconfigurations have emerged as one of the leading causes of security breaches, yet existing rule-based and static detection methods remain rigid and fail to generalise across the diverse patterns present in Infrastructure-as-Code (IaC) artefacts. This research gap motivates the need for a semantics-aware, data-driven detection approach that goes beyond syntactic pattern matching. This study proposes a lightweight deep-learning framework for the automated detection of security misconfigurations in Terraform-based IaC, leveraging the transformer-based semantic understanding of code offered by DistilBERT. A balanced dataset of 2,000 labelled Terraform samples (1,000 secure, 1,000 insecure) is constructed, and the model is trained under practical computational constraints while satisfying the requirements of reproducible experimentation. Evaluation on a held-out test set yields an F1-score of 0.7598, a recall of 0.8700, ROC-AUC of 0.8224, and PR-AUC of 0.8344, outperforming the TF-IDF with Logistic Regression baseline in recall and overall detection capability. The results confirm that contextual transformer representations capture security-relevant patterns beyond syntactic rules, offering a scalable and intelligent solution for proactive misconfiguration assurance in network configuration environments.

Keywords

Network Configuration Security Misconfiguration Detection, Infrastructure-as-Code Analysis, Transformer-Based Deep Learning.

References

[1] IBM Security, Cost of a Data Breach Report 2023, IBM Corporation, Armonk, NY, USA, 2023. [Online]. Available: https://cyberalberta.ca/system/files/cyberalberta-coi-cost-of-a-data-breach.pdf

[2] Check Point Research, Network Configuration Security Report 2023, Check Point Software Technologies Ltd., Tel Aviv, Israel, 2023. [Online]. Available: https://www.checkpoint.com/resources/

[3] Akond Rahman, Chris Parnin, and Laurie Williams, “The Seven Sins: Security Smells in Infrastructure as Code Scripts,” 2019 IEEE/ACM 41st International Conference on Software Engineering (ICSE), Montreal, QC, Canada, pp. 306-316, 2019.
[CrossRef] [Google Scholar] [Publisher Link]

[4] Michele Chiari, and Michele De Pascalis, and Matteo Pradella, “Static Analysis of Infrastructure as Code: A Survey,” 2022 IEEE 19th International Conference on Software Architecture Companion (ICSA-C), Honolulu, HI, USA, pp. 218-225, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[5] Jacob Devlin et al., “BERT: Pre-Training of Deep Bidirectional Transformers for Language Understanding,” Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Minneapolis, MN, USA, pp. 4171-4186, 2019.
[CrossRef] [Google Scholar] [Publisher Link]

[6] Akond Rahman, Rezvan Mahdavi-Hezaveh, and Laurie Williams, “A Systematic Mapping Study of Infrastructure as Code Research,” Information and Software Technology, vol. 108, pp. 65-77, 2019.
[CrossRef] [Google Scholar] [Publisher Link]

[7] Julian Schwarz, Andreas Steffens, and Horst Lichter, “Code Smells in Infrastructure as Code,” 2018 11th International Conference on the Quality of Information and Communications Technology (QUATIC), Coimbra, Portugal, pp. 223-230, 2018.
[CrossRef] [Google Scholar] [Publisher Link]

[8] Mohammed Mehedi Hasan, Farzana Ahamed Bhuiyan, and Akond Rahman, “Testing Practices for Infrastructure as Code,” Proceedings of the 1st ACM SIGSOFT International Workshop on Languages and Tools for Next-Generation Testing, Melbourne, VIC, Australia, pp. 67-74, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[9] Pandu Ranga Reddy Konala, Vimal Kumar, and David Bainbridge, “SoK: Static Configuration Analysis of Infrastructure as Code Scripts,” 2023 IEEE International Conference on Cyber Security and Resilience (CSR), Venice, Italy, pp. 281-288, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[10] Håkon Teppan, Lars Halvdan Flå, and Martin Gilje Jaatun, “A Survey on Infrastructure-as-Code Solutions for Cloud Development,” 2022 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Bangkok, Thailand, pp. 60-65, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[11] Savya Sachi et al., “Data Lake Validation Strategies: Ensuring Quality in Data Warehousing Pipelines,” 2025 International Conference on Intelligent and Secure Engineering Solutions (CISES), Greater Noida Gautam Budh Nagar, India, pp. 918-922, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[12] Sandeep Shenoy Karanchery Sundaresan et al.,, “ETL Automation: Reducing Latency in Data Migration with AI and ML Techniques,” 2025 International Conference on Intelligent and Secure Engineering Solutions (CISES), Greater Noida Gautam Budh Nagar, India, pp. 928-932, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[13] Nishit Agarwal et al., “Hybrid Data Security Solutions Using Combined Encryption and Steganography in Communication Systems,” Proceedings of International Conference on Next-Generation Communication and Computing, vol. 1306, pp. 295-306, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[14] Zhangyin Feng et al., “CodeBERT: A Pre-Trained Model for Programming and Natural Languages,” Findings of the Association for Computational Linguistics: EMNLP 2020, pp. 1536-1547, 2020.
[CrossRef] [Google Scholar] [Publisher Link]

[15] Daya Guo et al., “GraphCodeBERT: Pre-Training Code Representations with Data Flow,” arXiv, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[16] Yue Wang et al., “CodeT5: Identifier-Aware Unified Pre-Trained Encoder-Decoder Models for Code Understanding and Generation,” Proceedings of the 2021 Conference on Empirical Methods in Natural Language Processing, Punta Cana, Dominican Republic, pp. 8696-8708, 2021.
[CrossRef] [Google Scholar] [Publisher Link]

[17] Akond Rahman et al., “Security Misconfigurations in Open Source Kubernetes Manifests: An Empirical Study,” ACM Transactions on Software Engineering and Methodology, vol. 32, no. 4, pp. 1-36, 2023.
[CrossRef] [Google Scholar] [Publisher Link]

[18] Ehud Malul et al., “GenKubeSec: LLM-based Kubernetes Misconfiguration Detection, Localization, Reasoning, and Remediation,” arXiv, 2024.
[CrossRef] [Google Scholar] [Publisher Link]

[19] Aicha War et al., “Vulnerabilities in Infrastructure as Code: What, How Many, and Who,” Empirical Software Engineering, vol. 30, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[20] Claus Pahl, “Infrastructure as Code: Technology Review and Research Challenges,” Proceedings of the 15th International Conference on Cloud Computing and Services Science CLOSER, vol. 1, pp. 151-158, 2025.
[CrossRef] [Google Scholar] [Publisher Link]

[21] Michael Fu, and Chakkrit Tantithamthavorn, “LineVul: A Transformer-based Line-Level Vulnerability Prediction,” MSR '22: Proceedings of the 19th International Conference on Mining Software Repositories, pp. 608 - 620, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[22] Chandra Thapa et al., “Transformer-Based Language Models for Software Vulnerability Detection,” ACSAC '22: Proceedings of the 38th Annual Computer Security Applications Conference, pp. 481-496, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[23] Hazim Hanif, and Sergio Maffeis, “VulBERTa: Simplified Source Code Pre-Training for Vulnerability Detection,” 2022 International Joint Conference on Neural Networks (IJCNN), Padua, Italy, pp. 1-8, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[24] Saikat Chakraborty et al., “Deep Learning based Vulnerability Detection: Are We there Yet?,” IEEE Transactions on Software Engineering, vol. 48, no. 9, pp. 3280-3296, 2022.
[CrossRef] [Google Scholar] [Publisher Link]

[25] Zied Ben Houidi, and Dario Rossi, “Neural Language Models for Network Configuration: Opportunities and Reality Check,” Computer Communications, vol. 193, pp. 118-125, 2022.
[CrossRef] [Google Scholar] [Publisher Link]