Evaluating and Comparing Size, Complexity and Coupling Metrics as Web Applications Vulnerabilities Predictors

Zagane, Mohammed; Abdi, Mustapha Kamel

doi:10.5815/ijitcs.2019.07.05

Cited by 11 publications

(9 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One of the key research directions is to develop intelligent vulnerability detection techniques that act on source code. The following three sub-categories can be found: vulnerability detection methods based on software metrics [18] [19] [20] [21], anomaly detection technique for detecting vulnerabilities by looking for abnormal patterns [22], and vulnerable pattern learning [23].…”

Section: Machine Learning-based Vulnerability Detectionmentioning

confidence: 99%

“…Some of the prior studies in the field of vulnerability detection tried to evaluate theories that are a correlation between software characteristics: complexity, coupling, etc. [19] [46] [47] [18]. Mohammed et al [20] Aim to use code metrics as features to detect software vulnerabilities based on deep learning with a fine granularity level.…”

Section: State-of-the-art Studiesmentioning

confidence: 99%

“…This is demonstrated by the fact that numerous vulnerabilities are reported each year in the Common Vulnerabilities and Exposures (CVE) [2]. According to the Common Vulnerabilities and Exposures (CVE) organization's statistics and the National Vulnerability Database (NVD) Report [3], The number of vulnerabilities recorded in a single year has never been higher than in 2020 (18,103). It can be seen from Figure 1 that the number of vulnerabilities has reached its peak in the past three years.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

إستعراض منهجی للأدبیات حول الکشف عن نقاط ضعف البرمجیات بإستخدام أسالیب تعلم الألة

رمضان¹,

بهاء²,

غنیم³

2022

النشرة المعلوماتیة فی الحاسبات والمعلومات

View full text Add to dashboard Cite

Section: Machine Learning-based Vulnerability Detectionmentioning

confidence: 99%

Section: State-of-the-art Studiesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

إستعراض منهجی للأدبیات حول الکشف عن نقاط ضعف البرمجیات بإستخدام أسالیب تعلم الألة

رمضان¹,

بهاء²,

غنیم³

2022

النشرة المعلوماتیة فی الحاسبات والمعلومات

View full text Add to dashboard Cite

“…Most of the prior studies in the field of AVP tried to evaluate theories that are a correlation between software characteristics: complexity, coupling, etc and vulnerabilities [10]- [13]. In other studies [8], [14] researchers reported that the classic software metrics used in DPM are not accurate for VPM.…”

Section: B Vulnerability Prediction Model (Vpm)mentioning

confidence: 99%

“…Training a VPM from such an imbalanced dataset is often challenging because the VPM may be biased towards the major class (negatives) and hence it only learns to predict everything as negatives and ignores the minor class (positives). Therefore, undersampling is a technique that is often used to balance the training set [11], [13], [15]. With this technique, all the positive cases in the training set are retained, while only a subset of the negatives is selected.…”

Section: ) Balancing the Datasetmentioning

confidence: 99%

Deep Learning for Software Vulnerabilities Detection Using Code Metrics

Zagane¹,

Abdi²,

Alenezi

2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

Software vulnerability can cause disastrous consequences for information security. Earlier detection of vulnerabilities minimizes these consequences. Manual detection of vulnerable code is very difficult and very costly in terms of time and budget. Therefore, developers must use automatic vulnerabilities prediction (AVP) tools to minimize costs. Recent works on AVP begin to use techniques of deep learning (DL). All the proposed approaches are based on techniques of feature extraction inspired by previous applications of DL such as automatic language processing. Code metrics were widely used as features to build AVP models based on classic machine learning. This study bridges the gap between deep learning and machine learning features and discusses a deep-learning-based approach to finding vulnerabilities in code using code metrics. Obtained results show that code metrics are very good but not the better to use as features in DL-based AVP.INDEX TERMS Automatic vulnerability prediction, code metrics, deep neural networks.

show abstract

Web Application State Management Performance Optimization Methods

Oleshchenko,

Burchak

2023

Lecture Notes on Data Engineering and Communications Technologies

View full text Add to dashboard Cite

Evaluating and Comparing Size, Complexity and Coupling Metrics as Web Applications Vulnerabilities Predictors

Cited by 11 publications

References 19 publications

إستعراض منهجی للأدبیات حول الکشف عن نقاط ضعف البرمجیات بإستخدام أسالیب تعلم الألة

إستعراض منهجی للأدبیات حول الکشف عن نقاط ضعف البرمجیات بإستخدام أسالیب تعلم الألة

Deep Learning for Software Vulnerabilities Detection Using Code Metrics

Web Application State Management Performance Optimization Methods

Contact Info

Product

Resources

About