Research Article | Open Access | Download PDF
Volume 74 | Issue 6 | Year 2026 | Article Id. IJCTT-V74I6P101 | DOI : https://doi.org/10.14445/22312803/IJCTT-V74I6P101Semantic Transformer-Based Detection of Security Misconfigurations in Network Configuration Infrastructure-as-Code
Lakshmi Harika Akkireddy, Naga Satya Praveen Kumar Yadati, Vijayakumar Venganti
| Received | Revised | Accepted | Published |
|---|---|---|---|
| 18 Apr 2026 | 22 May 2026 | 10 Jun 2026 | 29 Jun 2026 |
Citation :
Lakshmi Harika Akkireddy, Naga Satya Praveen Kumar Yadati, Vijayakumar Venganti, "Semantic Transformer-Based Detection of Security Misconfigurations in Network Configuration Infrastructure-as-Code," International Journal of Computer Trends and Technology (IJCTT), vol. 74, no. 6, pp. 1-11, 2026. Crossref, https://doi.org/10.14445/22312803/IJCTT-V74I6P101
Abstract
Network configuration infrastructure misconfigurations have emerged as one of the leading causes of security breaches, yet existing rule-based and static detection methods remain rigid and fail to generalise across the diverse patterns present in Infrastructure-as-Code (IaC) artefacts. This research gap motivates the need for a semantics-aware, data-driven detection approach that goes beyond syntactic pattern matching. This study proposes a lightweight deep-learning framework for the automated detection of security misconfigurations in Terraform-based IaC, leveraging the transformer-based semantic understanding of code offered by DistilBERT. A balanced dataset of 2,000 labelled Terraform samples (1,000 secure, 1,000 insecure) is constructed, and the model is trained under practical computational constraints while satisfying the requirements of reproducible experimentation. Evaluation on a held-out test set yields an F1-score of 0.7598, a recall of 0.8700, ROC-AUC of 0.8224, and PR-AUC of 0.8344, outperforming the TF-IDF with Logistic Regression baseline in recall and overall detection capability. The results confirm that contextual transformer representations capture security-relevant patterns beyond syntactic rules, offering a scalable and intelligent solution for proactive misconfiguration assurance in network configuration environments.
Keywords
Network Configuration Security Misconfiguration Detection, Infrastructure-as-Code Analysis, Transformer-Based Deep Learning.
References
[1] IBM Security, Cost of a Data
Breach Report 2023, IBM Corporation, Armonk, NY, USA, 2023. [Online].
Available:
https://cyberalberta.ca/system/files/cyberalberta-coi-cost-of-a-data-breach.pdf
[2] Check Point Research, Network
Configuration Security Report 2023, Check Point Software Technologies Ltd., Tel
Aviv, Israel, 2023. [Online]. Available: https://www.checkpoint.com/resources/
[3] Akond Rahman, Chris Parnin, and
Laurie Williams, “The Seven Sins: Security Smells in Infrastructure as Code
Scripts,” 2019 IEEE/ACM 41st
International Conference on Software Engineering (ICSE), Montreal, QC,
Canada, pp. 306-316, 2019.
[CrossRef] [Google Scholar] [Publisher
Link]
[4] Michele Chiari, and Michele De
Pascalis, and Matteo Pradella, “Static Analysis of Infrastructure as Code: A
Survey,” 2022 IEEE 19th
International Conference on Software Architecture Companion (ICSA-C),
Honolulu, HI, USA, pp. 218-225, 2022.
[CrossRef]
[Google Scholar] [Publisher
Link]
[5] Jacob Devlin et al., “BERT:
Pre-Training of Deep Bidirectional Transformers for Language Understanding,” Proceedings of the 2019 Conference of the
North American Chapter of the Association for Computational Linguistics: Human
Language Technologies, Minneapolis, MN, USA, pp. 4171-4186, 2019.
[CrossRef]
[Google Scholar] [Publisher
Link]
[6] Akond Rahman, Rezvan
Mahdavi-Hezaveh, and Laurie Williams, “A Systematic Mapping Study of
Infrastructure as Code Research,” Information and Software Technology,
vol. 108, pp. 65-77, 2019.
[CrossRef]
[Google Scholar] [Publisher Link]
[7] Julian Schwarz, Andreas
Steffens, and Horst Lichter, “Code Smells in Infrastructure as Code,” 2018 11th International
Conference on the Quality of Information and Communications Technology (QUATIC),
Coimbra, Portugal, pp. 223-230, 2018.
[CrossRef]
[Google Scholar] [Publisher
Link]
[8] Mohammed Mehedi Hasan, Farzana
Ahamed Bhuiyan, and Akond Rahman, “Testing Practices for Infrastructure as
Code,” Proceedings of the 1st ACM SIGSOFT
International Workshop on Languages and Tools for Next-Generation Testing,
Melbourne, VIC, Australia, pp. 67-74, 2020.
[CrossRef]
[Google Scholar] [Publisher
Link]
[9] Pandu Ranga Reddy Konala, Vimal
Kumar, and David Bainbridge, “SoK: Static Configuration Analysis of
Infrastructure as Code Scripts,” 2023
IEEE International Conference on Cyber Security and Resilience (CSR),
Venice, Italy, pp. 281-288, 2023.
[CrossRef]
[Google Scholar] [Publisher
Link]
[10] Håkon Teppan, Lars Halvdan Flå,
and Martin Gilje Jaatun, “A Survey on Infrastructure-as-Code Solutions for
Cloud Development,” 2022 IEEE
International Conference on Cloud Computing Technology and Science (CloudCom),
Bangkok, Thailand, pp. 60-65, 2022.
[CrossRef] [Google Scholar] [Publisher
Link]
[11] Savya Sachi et al., “Data Lake
Validation Strategies: Ensuring Quality in Data Warehousing Pipelines,” 2025 International Conference on Intelligent
and Secure Engineering Solutions (CISES), Greater Noida Gautam Budh Nagar,
India, pp. 918-922, 2025.
[CrossRef] [Google Scholar] [Publisher
Link]
[12] Sandeep Shenoy Karanchery
Sundaresan et al.,, “ETL Automation: Reducing Latency in Data Migration with AI
and ML Techniques,” 2025 International
Conference on Intelligent and Secure Engineering Solutions (CISES), Greater
Noida Gautam Budh Nagar, India, pp. 928-932, 2025.
[CrossRef] [Google Scholar] [Publisher
Link]
[13] Nishit Agarwal et al., “Hybrid Data
Security Solutions Using Combined Encryption and Steganography in Communication
Systems,” Proceedings of International
Conference on Next-Generation Communication and Computing, vol. 1306, pp.
295-306, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Zhangyin Feng et al.,
“CodeBERT: A Pre-Trained Model for Programming and Natural Languages,” Findings
of the Association for Computational Linguistics: EMNLP 2020, pp. 1536-1547,
2020.
[CrossRef] [Google Scholar] [Publisher Link]
[15] Daya Guo et al.,
“GraphCodeBERT: Pre-Training Code Representations with Data Flow,” arXiv, 2021.
[CrossRef]
[Google Scholar] [Publisher
Link]
[16] Yue Wang et al., “CodeT5: Identifier-Aware
Unified Pre-Trained Encoder-Decoder Models for Code Understanding and
Generation,” Proceedings of the 2021 Conference on Empirical Methods in Natural
Language Processing, Punta Cana, Dominican Republic, pp. 8696-8708, 2021.
[CrossRef]
[Google Scholar] [Publisher
Link]
[17] Akond Rahman et al., “Security
Misconfigurations in Open Source Kubernetes Manifests: An Empirical Study,” ACM
Transactions on Software Engineering and Methodology, vol. 32, no. 4, pp.
1-36, 2023.
[CrossRef]
[Google Scholar] [Publisher
Link]
[18] Ehud Malul et al., “GenKubeSec:
LLM-based Kubernetes Misconfiguration Detection, Localization, Reasoning, and
Remediation,” arXiv, 2024.
[CrossRef]
[Google Scholar] [Publisher
Link]
[19] Aicha War et al.,
“Vulnerabilities in Infrastructure as Code: What, How Many, and Who,” Empirical
Software Engineering, vol. 30, 2025.
[CrossRef]
[Google Scholar] [Publisher Link]
[20] Claus Pahl, “Infrastructure as
Code: Technology Review and Research Challenges,” Proceedings of the 15th International Conference on Cloud
Computing and Services Science CLOSER, vol. 1, pp. 151-158, 2025.
[CrossRef]
[Google Scholar] [Publisher Link]
[21] Michael Fu, and Chakkrit
Tantithamthavorn, “LineVul: A Transformer-based Line-Level Vulnerability
Prediction,” MSR '22: Proceedings of the 19th International
Conference on Mining Software Repositories, pp. 608 - 620, 2022.
[CrossRef]
[Google Scholar] [Publisher Link]
[22] Chandra Thapa et al.,
“Transformer-Based Language Models for Software Vulnerability Detection,” ACSAC
'22: Proceedings of the 38th Annual Computer Security Applications
Conference, pp. 481-496, 2022.
[CrossRef]
[Google Scholar] [Publisher Link]
[23] Hazim Hanif, and Sergio
Maffeis, “VulBERTa: Simplified Source Code Pre-Training for Vulnerability
Detection,” 2022 International Joint Conference on Neural Networks (IJCNN),
Padua, Italy, pp. 1-8, 2022.
[CrossRef]
[Google Scholar] [Publisher Link]
[24] Saikat Chakraborty et al.,
“Deep Learning based Vulnerability Detection: Are We there Yet?,” IEEE
Transactions on Software Engineering, vol. 48, no. 9, pp. 3280-3296, 2022.
[CrossRef]
[Google Scholar] [Publisher Link]
[25] Zied Ben Houidi, and Dario Rossi,
“Neural Language Models for Network Configuration: Opportunities and Reality
Check,” Computer Communications, vol. 193, pp. 118-125, 2022.
[CrossRef]
[Google Scholar] [Publisher Link]