Static Code Analysis Alarms Filtering Reloaded: A New Real-World Dataset and its ML-Based Utilization

Hegedűs, Péter; Ferenć, Rudolf

doi:10.1109/access.2022.3176865

Cited by 7 publications

(5 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Reduction of false positives: NLP techniques have been incorporated, which has decreased the number of false positive alerts. NLP assists in filtering out irrelevant warnings, reducing the workload on security personnel and enabling them to concentrate on real risks by considering the linguistic context and intent underlying security occurrences (Hegedűs P, 2022).…”

Section: Automated Incident Evaluationmentioning

confidence: 99%

Threat Detection and Response Using AI and NLP in Cybersecurity

Ismail

2024

JISIS

View full text Add to dashboard Cite

Introduction: In an age of rapid technical innovation and a growing digital world, protecting sensitive data from cyberattacks is crucial. The dynamic and complicated nature of these attacks requires novel cybersecurity solutions. Methods: This study analyses how Artificial Intelligence (AI) and Natural Language Processing (NLP) strengthen cybersecurity. The qualitative research approach is followed to gather data through a literature review of relevant scholarly articles and conduct interviews with cybersecurity specialists. Results: Recent AI advances have greatly enhanced the detection of anomalous patterns and behaviors in huge datasets, a key threat identification tool. NLP has also excelled at detecting malevolent intent in textual data, such as phishing efforts. AI and NLP enable adaptive security policies, enabling agile responses to evolving security issues. Expert interviews confirm that AI and NLP reduce false positives, improve threat intelligence, streamline network security setups, and improve compliance checks. These technologies enable responsive security policies, which give a strategic edge against developing security threats. AI and NLP's predictive skills could revolutionize cybersecurity by preventing threats. Conclusion: This study shows that AI and NLP have improved cybersecurity threat detection, automated incident response, and adaptive security policies. Overcoming threat detection, aggressive attacks and data privacy issues is essential to properly leveraging these advances and strengthening cyber resilience in a changing digital landscape.

show abstract

Section: Automated Incident Evaluationmentioning

confidence: 99%

Threat Detection and Response Using AI and NLP in Cybersecurity

Ismail

2024

JISIS

View full text Add to dashboard Cite

show abstract

“…Hegedus and Ferenc [55] used a machine learning model to filter out false positive code analysis warnings from an open-source Java dataset, achieving an accuracy of 91%, an F1-score of 81.3%, and an AUC of 95.3%. NLP transformers offer an efficient and accurate method for bug detection by analyzing source code, identifying patterns, and detecting inconsistencies indicative of bugs.…”

Section: Bug Detection and Correctionmentioning

confidence: 99%

AI-Assisted Programming Tasks Using Code Embeddings and Transformers

Kotsiantis,

Verykios,

Tzagarakis

2024

Electronics

View full text Add to dashboard Cite

This review article provides an in-depth analysis of the growing field of AI-assisted programming tasks, specifically focusing on the use of code embeddings and transformers. With the increasing complexity and scale of software development, traditional programming methods are becoming more time-consuming and error-prone. As a result, researchers have turned to the application of artificial intelligence to assist with various programming tasks, including code completion, bug detection, and code summarization. The utilization of artificial intelligence for programming tasks has garnered significant attention in recent times, with numerous approaches adopting code embeddings or transformer technologies as their foundation. While these technologies are popular in this field today, a rigorous discussion, analysis, and comparison of their abilities to cover AI-assisted programming tasks is still lacking. This article discusses the role of code embeddings and transformers in enhancing the performance of AI-assisted programming tasks, highlighting their capabilities, limitations, and future potential in an attempt to outline a future roadmap for these specific technologies.

show abstract

“…In general, static code analysis tools tend to produce a high number of false positives [25], which can have various practical effects.…”

Section: B False Positivesmentioning

confidence: 99%

Comprehensive Evaluation of Static Analysis Tools for Their Performance in Finding Vulnerabilities in Java Code

Alqaradaghi,

Kozsik

2024

IEEE Access

View full text Add to dashboard Cite

Various static code analysis tools have been designed with the aim of detecting software faults and security vulnerabilities automatically. This paper aims to 1) Conduct an empirical evaluation to assess the performance of five free and state-of-the-art static analysis tools in detecting Java security vulnerabilities using a well-defined and repeatable approach. 2) Report on the vulnerabilities that are best and worst detected by static Java analyzers. We used the Juliet benchmark test suite in a controlled experiment to assess the effectiveness of five widely used Java static analysis tools. The vulnerabilities were successfully detected by one, two, or three tools. Only one vulnerability has been detected by four tools. The tools missed 13% of the Java vulnerability categories appearing in our experiment. More critically, none of the five tools could identify all the vulnerabilities in our experiment. We conclude that, despite recent improvements in their methodologies, current state-of-the-art static analysis tools are still ineffective for identifying the security vulnerabilities occurring in a small-scale, artificial test suite.

show abstract

Static Code Analysis Alarms Filtering Reloaded: A New Real-World Dataset and its ML-Based Utilization

Cited by 7 publications

References 29 publications

Threat Detection and Response Using AI and NLP in Cybersecurity

Threat Detection and Response Using AI and NLP in Cybersecurity

AI-Assisted Programming Tasks Using Code Embeddings and Transformers

Comprehensive Evaluation of Static Analysis Tools for Their Performance in Finding Vulnerabilities in Java Code

Contact Info

Product

Resources

About