Literature survey of deep learning-based vulnerability analysis on source code

Semasaba, Abubakar Omari Abdallah; Zheng, Wei; Wu, Xiaoxue; Agyemang, Samuel Akwasi

doi:10.1049/iet-sen.2020.0084

Cited by 14 publications

(7 citation statements)

References 63 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In recent years, China's nancial auditing of colleges and universities has been developed in an unprecedented way by combining national conditions, absorbing international advanced ideas, and groping on the road of practice, constantly improving and re ning. With the ourishing development of computer science and technology, audit informatization has become a wave that promotes the development and progress in the eld of nancial auditing in universities, improving audit e ciency, and saving audit costs [1].…”

Section: Introductionmentioning

confidence: 99%

Question and Answer Techniques for Financial Audits in Universities Based on Deep Learning

Li¹

2022

Mathematical Problems in Engineering

View full text Add to dashboard Cite

Financial auditing in universities is highly specialized, with a huge knowledge system and rapid updates. Auditors will encounter various problems and situations in their work and need to acquire domain knowledge efficiently and accurately to solve the difficulties they encounter. The existing audit information software, however, is mostly aimed at the management of audit affairs and lacks the relevant functions to acquire and retrieve knowledge of specific audit domains. In this study, we use deep learning theory as support to conduct an in-depth study on the key technologies of question and answer systems in the field of financial auditing in universities. In the question-answer retrieval stage, the local information and the global information of the sentence are first modelled using a two-way coding model based on the attentional mechanism, and then, an interactive text matching model is used to interact directly at the input layer, and a multilayer convolutional neural network model cable news network (CNN) is used to extract the fine-grained matching features from the interaction matrix; this study adopts two matching methods. We have conducted comparative experiments to verify the effectiveness and application value of the entity recognition algorithm based on this study’s algorithm and the question-answer retrieval model based on multi-granularity text matching in the university financial audit domain.

show abstract

Section: Introductionmentioning

confidence: 99%

Question and Answer Techniques for Financial Audits in Universities Based on Deep Learning

Li¹

2022

Mathematical Problems in Engineering

View full text Add to dashboard Cite

show abstract

“…In particular, they reviewed 61 primary studies, published up to February 2021, and explored the data requirements, collection, labeling and cleaning processes, also discussing the challenges of these processes. Semasaba et al presented a systematic literature review of software vulnerability analysis on source code using Deep Learning (DL) [5]. They retrieved 28 papers published between 2014 and 2020 by searching on six widely used Digital Libraries for studies about software vulnerability detection.…”

Section: Related Workmentioning

confidence: 99%

Software vulnerability prediction: A systematic mapping study

Kalouptsoglou

Siavvas

Ampatzoglou

et al. 2023

Information and Software Technology

View full text Add to dashboard Cite

“…To the best of our knowledge, only two studies have been published that focus on systematically reviewing SVP research and knowledge: Semasaba et al [17], and Hasif et al [4]. The former exclusively investigated Deep Learning techniques, whereas the latter provided a wider view of SV detection, including non-learning based techniques.…”

Section: Existing Svp Reviewsmentioning

confidence: 99%

“…The SV data used to train a model is the most imperative component of this data-driven process. Although most studies have reported data preparation and data quality as significant issues for this research area [4], [10], [13], [16], [17], [24], they have not performed in-depth analysis of the data quality in SVP research to determine the encountered issues or potential solutions. This knowledge gap fails to provide practitioners and researchers with the specific insights needed to remediate data quality issues.…”

Section: Existing Svp Reviewsmentioning

confidence: 99%

“…However, despite the importance and difficulties of SV data preparation for both industry and academia, there has been relatively little effort allocated to systematically understand the known challenges of data preparation for SVP models and how to address them. Whilst there are several secondary studies that have analyzed SVP research [4], [13], [16], [17] and acknowledged the existence of problems with the data preparation, these studies have not focused on thoroughly investigating the data preparation related challenges in SVP research.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Data Preparation for Software Vulnerability Prediction: A Systematic Literature Review

Croft¹,

Xie²,

Babar³

2021

Preprint

View full text Add to dashboard Cite

Software Vulnerability Prediction (SVP) is a data-driven technique for software quality assurance that has recently gained considerable attention in the Software Engineering research community. However, the difficulties of preparing Software Vulnerability (SV) related data remains as the main barrier to industrial adoption. Despite this problem, there have been no systematic efforts to analyse the existing SV data preparation techniques and challenges. Without such insights, we are unable to overcome the challenges and advance this research domain. Hence, we are motivated to conduct a Systematic Literature Review (SLR) of SVP research to synthesize and gain an understanding of the data considerations, challenges and solutions that SVP researchers provide. From our set of primary studies, we identify the main practices for each data preparation step. We then present a taxonomy of 16 key data challenges relating to six themes, which we further map to six categories of solutions. However, solutions are far from complete, and there are several ill-considered issues. We also provide recommendations for future areas of SV data research. Our findings help illuminate the key SV data practices and considerations for SVP researchers and practitioners, as well as inform the validity of the current SVP approaches.

show abstract

Literature survey of deep learning-based vulnerability analysis on source code

Cited by 14 publications

References 63 publications

Question and Answer Techniques for Financial Audits in Universities Based on Deep Learning

Question and Answer Techniques for Financial Audits in Universities Based on Deep Learning

Software vulnerability prediction: A systematic mapping study

Data Preparation for Software Vulnerability Prediction: A Systematic Literature Review

Contact Info

Product

Resources

About