Software vulnerability analysis and discovery using machine-learning and data-mining techniques: A survey
SM Ghaffarian, HR Shahriari - ACM computing surveys (CSUR), 2017 - dl.acm.org
Software security vulnerabilities are one of the critical issues in the realm of computer
security. Due to their potential high severity impacts, many different approaches have been …
security. Due to their potential high severity impacts, many different approaches have been …
Opportunities and challenges in code search tools
Code search is a core software engineering task. Effective code search tools can help
developers substantially improve their software development efficiency and effectiveness. In …
developers substantially improve their software development efficiency and effectiveness. In …
On the" naturalness" of buggy code
Real software, the kind working programmers produce by the kLOC to solve real-world
problems, tends to be" natural", like speech or natural language; it tends to be highly …
problems, tends to be" natural", like speech or natural language; it tends to be highly …
Automatic inference of search patterns for taint-style vulnerabilities
Taint-style vulnerabilities are a persistent problem in software development, as the recently
discovered" Heart bleed" vulnerability strikingly illustrates. In this class of vulnerabilities …
discovered" Heart bleed" vulnerability strikingly illustrates. In this class of vulnerabilities …
Static analysis of information systems for IoT cyber security: a survey of machine learning approaches
Ensuring security for modern IoT systems requires the use of complex methods to analyze
their software. One of the most in-demand methods that has repeatedly been proven to be …
their software. One of the most in-demand methods that has repeatedly been proven to be …
Automated API property inference techniques
MP Robillard, E Bodden, D Kawrykow… - IEEE Transactions …, 2012 - ieeexplore.ieee.org
Frameworks and libraries offer reusable and customizable functionality through Application
Programming Interfaces (APIs). Correctly using large and sophisticated APIs can represent a …
Programming Interfaces (APIs). Correctly using large and sophisticated APIs can represent a …
Chucky: Exposing missing checks in source code for vulnerability discovery
Uncovering security vulnerabilities in software is a key for operating secure systems.
Unfortunately, only some security flaws can be detected automatically and the vast majority …
Unfortunately, only some security flaws can be detected automatically and the vast majority …
A systematic evaluation of static api-misuse detectors
Application Programming Interfaces (APIs) often have usage constraints, such as restrictions
on call order or call conditions. API misuses, ie, violations of these constraints, may lead to …
on call order or call conditions. API misuses, ie, violations of these constraints, may lead to …
A graph-based approach to API usage adaptation
Reusing existing library components is essential for reducing the cost of software
development and maintenance. When library components evolve to accommodate new …
development and maintenance. When library components evolve to accommodate new …
Performance debugging in the large via mining millions of stack traces
Given limited resource and time before software release, development-site testing and
debugging become more and more insufficient to ensure satisfactory software performance …
debugging become more and more insufficient to ensure satisfactory software performance …