Redirigiendo al acceso original de articulo en 22 segundos...
Inicio  /  Applied Sciences  /  Vol: 12 Par: 23 (2022)  /  Artículo
ARTÍCULO
TITULO

Machine Learning-Based Security Pattern Recognition Techniques for Code Developers

Sergiu Zaharia    
Traian Rebedea and Stefan Trausan-Matu    

Resumen

Software developers represent the bastion of application security against the overwhelming cyber-attacks which target all organizations and affect their resilience. As security weaknesses which may be introduced during the process of code writing are complex and matching different and variate skills, most applications are launched intrinsically vulnerable. We have advanced our research for a security scanner able to use automated learning techniques based on machine learning algorithms to recognize patterns of security weaknesses in source code. To make the scanner independent on the programming language, the source code is converted to a vectorial representation using natural language processing methods, which are able to retain semantical traits of the original code and at the same time to reduce the dependency on the lexical structure of the program. The security flaws detection performance is in the ranges accepted by software security professionals (recall > 0.94) even when vulnerable samples are very low represented in the dataset (e.g., less than 4% vulnerable code for a specific CWE in the dataset). No significant change or adaptation is needed to change the source code language under scrutiny. We apply this approach on detecting Common Weaknesses Enumeration (CWE) vulnerabilities in datasets provided by NIST (Test suites?NIST Software Assurance Reference Dataset).

 Artículos similares

       
 
Subin Kim, Heejin Hwang, Keunyeong Oh and Jiuk Shin    
The seismically deficient column details in existing reinforced concrete buildings affect the overall behavior of the building depending on the failure type of the column. The purpose of this study is to develop and validate a machine-learning-based pred... ver más
Revista: Applied Sciences

 
Myoung-Su Choi, Dong-Hun Han, Jun-Woo Choi and Min-Soo Kang    
Sleep apnea has emerged as a significant health issue in modern society, with self-diagnosis and effective management becoming increasingly important. Among the most renowned methods for self-diagnosis, the STOP-BANG questionnaire is widely recognized as... ver más
Revista: Applied Sciences

 
Xiaohui Yan, Tianqi Zhang, Wenying Du, Qingjia Meng, Xinghan Xu and Xiang Zhao    
Water quality prediction, a well-established field with broad implications across various sectors, is thoroughly examined in this comprehensive review. Through an exhaustive analysis of over 170 studies conducted in the last five years, we focus on the a... ver más

 
Saikat Das, Mohammad Ashrafuzzaman, Frederick T. Sheldon and Sajjan Shiva    
The distributed denial of service (DDoS) attack is one of the most pernicious threats in cyberspace. Catastrophic failures over the past two decades have resulted in catastrophic and costly disruption of services across all sectors and critical infrastru... ver más
Revista: Algorithms

 
Eike Blomeier, Sebastian Schmidt and Bernd Resch    
In the early stages of a disaster caused by a natural hazard (e.g., flood), the amount of available and useful information is low. To fill this informational gap, emergency responders are increasingly using data from geo-social media to gain insights fro... ver más
Revista: Information