Just-in-time software vulnerability detection: Are we there yet?
نویسندگان
چکیده
Software vulnerabilities are weaknesses in source code that might be exploited to cause harm or loss. Previous work has proposed a number of automated machine learning approaches detect them. Most these techniques at release-level, meaning they aim predicting the files will potentially vulnerable future release. Yet, researchers have shown commit-level identification issues better fit developer’s needs, speeding up their resolution. To investigate how currently available learning-based vulnerability detection mechanisms can support developers commit-level. We perform an empirical study where we consider nine projects accounting for 8991 commits and experiment with eight learners built using process, product, textual metrics. point out three main findings: (1) basic rarely well; (2) use ensemble algorithms based on boosting substantially improve performance; (3) combination more metrics does not necessarily classification capabilities. Further research should focus just-in-time detection, especially respect introduction smart feature selection training strategies.
منابع مشابه
"Are we there yet?".
Changes in laws are reflected – even foreshadowed on occasion – by the field’s scholarship. In the 1980s, there were few who recognized that adults with disabilities were an important resource in the education of students with disabilities or that issues of race and culture had consequence for identifying and delivering services to these children. It is striking that this special issue of the L...
متن کاملAre We There Yet?
Statistical approaches to Artificial Intelligence are behind most success stories of the field in the past decade. The idea of generating non-trivial behaviour by analysing vast amounts of data has enabled recommendation systems, search engines, spam filters, optical character recognition, machine translation and speech recognition, among other things. As we celebrate the spectacular achievemen...
متن کاملAre We There Yet?
Children in the back seat on a long trip are not the only ones asking the question “Are we there yet?” At Murray State University (MSU) and other universities starting new programs, the question becomes one of validation of the program. In the late 90s, MSU, a midsize university, was entrusted with the responsibility of developing a program of distinction with financial support from special sta...
متن کاملAre We There Yet?
've always been an avid traveler and often look forward to planning summer trips to faraway destinations. However , whether by train, plane, or automobile , long-distance travel for the majority of us usually comes with some degree of discomfort—long periods of time sitting in a seat with a limited selection of things to do. Fun traveling companions and a good book can help, but faced with a lo...
متن کاملEarly detection of central lung cancer: are we there yet?
Computed Tomography (CT), Magnetic Resonance Imaging (MRI), and X-rays have been very disappointing in the detection and diagnosis of central (airways/endobronchial) lesions. Bronchoscopy with direct visualization and other supportive technologies has been the primary tool for the detection and surveillance of endobronchial precancerous and cancerous lesions. Early detection of lung cancer allo...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Systems and Software
سال: 2022
ISSN: ['0164-1212', '1873-1228']
DOI: https://doi.org/10.1016/j.jss.2022.111283