Verifying Software Code Vulnerabilities Using Machine Learning and Classification Techniques
| Published in: | ProQuest Dissertations and Theses (2019) |
|---|---|
| Main author: | |
| Published: | ProQuest Dissertations & Theses |
| Subjects: | |
| Online access: | Citation/Abstract Full Text - PDF |
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 2239956731 | ||
| 003 | UK-CbPIL | ||
| 020 | |a 978-1-392-22610-0 | ||
| 035 | |a 2239956731 | ||
| 045 | 0 | |b d20190101 | |
| 084 | |a 66569 |2 nlm | ||
| 100 | 1 | |a Argiropoulos, Foteini Cheirdari | |
| 245 | 1 | |a Verifying Software Code Vulnerabilities Using Machine Learning and Classification Techniques | |
| 260 | |b ProQuest Dissertations & Theses |c 2019 | ||
| 513 | |a Dissertation/Thesis | ||
| 520 | 3 | |a Software assurance analysts deal with thousands of potential vulnerabilities many of which are false positives during the process of static code analysis. Manual review of all such potential vulnerabilities is tedious, time consuming, and frequently impractical. This dissertation presents a novel classification algorithm along with its variants that successfully label true and false vulnerabilities in software code. A selection process identifies the most important features utilized in the algorithm to detect and distinguish the true and false positive findings of the static code analysis results. This has been accomplished by an empirical and semantic method of identifying and using personal identifier as a critical feature for the classification. The approach has been validated by experimentation and comparison against thirteen existing classifiers. Extensive experiments were conducted using multiple production code and open source code with the aid of a variety of static code analysis tools. The results show significant improvements in Accuracy, Precision, and Recall, outperforming all participating classifiers, leading to significant improvements in the security posture of a software system. | |
| 653 | |a Computer science | ||
| 653 | |a Information technology | ||
| 773 | 0 | |t ProQuest Dissertations and Theses |g (2019) | |
| 786 | 0 | |d ProQuest |t ProQuest Dissertations & Theses Global | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/2239956731/abstract/embedded/L8HZQI7Z43R0LA5T?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/2239956731/fulltextPDF/embedded/L8HZQI7Z43R0LA5T?source=fedsrch |