A bug Mining tool to identify and analyze security bugs using Naive Bayes and TF-IDF

Behl, Diksha; Handa, S. S.; Arora, Anuja

doi:10.1109/icroit.2014.6798341

Cited by 54 publications

(30 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Wijayasekara et al [53] show the hidden impact vulnerabilities that were first identified as non-security bugs and publicized and later were identified as vulnerabilities due to exploits. In addition, previous work [5,15,23,50,54,65] has used supervised and unsupervised learning techniques to classify the vulnerabilities and general bugs based on the textual information of the patches. Tyo [50] showed that the Naive Bayes and Support Vector Machine classifiers always have the best performance.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison

Wu¹,

He²,

McCamant³

et al. 2020

Proceedings 2020 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

A bug is a vulnerability if it has security impacts when triggered. Determining the security impacts of a bug is important to both defenders and attackers. Maintainers of large software systems are bombarded with numerous bug reports and proposed patches, with missing or unreliable information about their impact. Determining which few bugs are vulnerabilities is difficult, and bugs that a maintainer believes do not have security impact will be de-prioritized or even ignored. On the other hand, a public report of a bug with a security impact is a powerful first step towards exploitation. Adversaries may exploit such bugs to launch devastating attacks if defenders do not fix them promptly. Common practice is for maintainers to assess the security impacts of bugs manually, but the scaling and reliability challenges of manual analysis lead to missed vulnerabilities. We propose an automated approach, SID, to determine the security impacts for a bug given its patch, so that maintainers can effectively prioritize applying the patch to the affected programs. The insight behind SID is that both the effect of a patch (either submitted or applied) and security-rule violations (e.g., out-of-bound access) can be modeled as constraints that can be automatically solved. SID incorporates rule comparison, using under-constrained symbolic execution of a patch to determine the security impacts of an un-applied patch. SID can further automatically classify vulnerabilities based on their security impacts. We have implemented SID and applied it to bug patches of the Linux kernel and matching CVE-assigned vulnerabilities to evaluate its precision and recall. We optimized SID to reduce false positives, and our evaluation shows that, from 54K recent valid commit patches, SID detected 227 security bugs with at least 243 security impacts at a 97% precision rate. Critically, 197 of them were not reported as vulnerabilities before, leading to delayed or ignored patching in derivative programs. Even worse, 21 of them are still unpatched in the latest Android kernel. Once exploited, they can cause critical security impacts on Android devices. The evaluation results confirm that SID's approach is effective and precise in automatically determining security impacts for a massive stream of bug patches.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Given the significance of security bugs, many recent papers [5,19,23,50,53,54,65] have attempted to distinguish security bugs from general bugs automatically. Most of these works focus on analyzing textual information, such as a bug description, and their classification of security impacts is mainly based on text-mining techniques.…”

Section: Introductionmentioning

confidence: 99%

Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison

Wu¹,

He²,

McCamant³

et al. 2020

Proceedings 2020 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Section 5 is about recommendation experiment using tensor factorization and tensor dimensions are further reduced as per the assigned weight using Latent Dirichlet Allocation algorithm. Section 6 is associated with results which show reduction in less relevant recommendations and accuracy improvement with the help of recall and precision [27] and finally, Sect. 7 concludes the paper and mentions future scope.…”

Section: Introductionmentioning

confidence: 99%

Cross-domain based Event Recommendation using Tensor Factorization

Arora

Taneja

Parashar

et al. 2016

Open Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract:Context in the form of meta-data has been accredited as an important component in cross-domain collaborative filtering (CDCF). In this research paper CDCF concept is used to exploit event information (context) from two UI matrices to allow the recommendation performance of one domain (Facebook-User-Event Matrix) to benefit from the information from another domain (Bookmyshow-Event-Tag Matrix). The model based collaborative filtering approach Tensor Factorization(TF) has been used to integrate Facebook provided User-Event context information with Bookmyshow Event-Tag context information to recommend events. In contrast to the standard collaborative tag recommendation, our CDCF approach uses one User-Event matrix of Facebook that takes another Bookmyshow Event-Tag matrix as additional informant. The proposed cross-domain based Event Recommendation approach is divided into three modules-i) data collection which extracts the unstructured dataset from the two domains Bookmyshow and social networking site Facebook using API's; ii) data mapping module which is basically used to integrate the common knowledge/ data that can be shared between considered different domains (Facebook & Bookmyshow). This module integrates and reduces the data into structured events' instances. As the dataset was collected from two different sites, an intersection of both was taken out. Therefore this module is carefully designed according to reliability of information that is common between two domains; iii) 3 order tensor factorization and Latent Dirichlet Allocation (LDA) used for most preferable recommendation by less pertinent result *Corresponding Author: Anuja Arora: CSE/IT Department, Jaypee Institute of Information Technology, Noida, India; Email: anuja.arora29@gmail.com Vaibhav Taneja: CSE/IT Department, Jaypee Institute of Information Technology, Noida, India; Email: vaibhavtaneja2@gmail.com Sonali Parashar: CSE/IT Department, Jaypee Institute of Information Technology, Noida, India; Email: sonali.parashar29@gmail.com Apurva Mishra: CSE/IT Department, Jaypee Institute of Information Technology, Noida, India; Email: apurvamishra95@gmail.com reduction. The proposed 3 order tensor factorization is designed for maximizing the mutual benefit from both the considered domains (organizer and user). Therefore providing three recommendations: For organizers: 1) system recommends places to conduct specific event according to maximum of attendees of a particular type of event at a specific location; 2) recommending target audience to organizer: those who are interested to attend event on the basis of past data for promotion purposes. For users: 3) recommending events to users of their interest on the basis of past record. Our result shows significant improvement in reduction of less relevant data and result effectiveness is measured through recall and precision. Reduction of less relevant recommendation is 64%, 72% and 63% for place recommendation to organizer, target audience recommendation to organizer and event recommendation to us...

show abstract

“…The text mining method used was a basic "bag of words" approach where the frequency of Behl et al published a paper which highly relates to our work [4], however this paper does not seem to be credible. They claim to have used "the bugzilla repository of bug reports," however bugzilla is an issue tracking system software suite and has no repository of bug reports.…”

Section: Automated Bug Report Classificationmentioning

confidence: 90%

“…Supervised machine learning algorithms were used to classify each bug report as security related or not (two-class problem), based only on the information found in a bug tracking system. Several efforts have been done [4], [5], [6], and [7], which focused on separating security from non-security bug reports: [4], [5], and [6] automated this process achieving moderate performance. Furthermore, all approaches were only focused on classification to security and non-security bug reports.…”

Section: Research Questions and Contributionsmentioning

confidence: 99%

Empirical Analysis and Automated Classification of Security Bug Reports

Tyo

View full text Add to dashboard Cite

Empirical Analysis and Automated Classification of Security Bug Reports Jacob P. Tyo With the ever expanding amount of sensitive data being placed into computer systems, the need for effective cybersecurity is of utmost importance. However, there is a shortage of detailed empirical studies of security vulnerabilities from which cybersecurity metrics and best practices could be determined. This thesis has two main research goals: (1) to explore the distribution and characteristics of security vulnerabilities based on the information provided in bug tracking systems and (2) to develop data analytics approaches for automatic classification of bug reports as security or non-security related. This work is based on using three NASA datasets as case studies. The empirical analysis showed that the majority of software vulnerabilities belong only to a small number of types. Addressing these types of vulnerabilities will consequently lead to cost efficient improvement of software security. Since this analysis requires labeling of each bug report in the bug tracking system, we explored using machine learning to automate the classification of each bug report as a security or non-security related (two-class classification), as well as each security related bug report as specific security type (multiclass classification). In addition to using supervised machine learning algorithms, a novel unsupervised machine learning approach is proposed. Of the machine learning algorithms tested, Naive Bayes was the most consistent, well performing classifier across all datasets. The novel unsupervised approach did not perform as well as the supervised methods, but still performed well resulting in a G-Score of 0.715 in the case of best performance whereas the supervised approach achieved a G-Score of 0.903 in the case of best performance. I would like to express my sincere gratitude to my parents, siblings, and friends for their unwavering support.

show abstract

A bug Mining tool to identify and analyze security bugs using Naive Bayes and TF-IDF

Cited by 54 publications

References 8 publications

Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison

Precisely Characterizing Security Impact in a Flood of Patches via Symbolic Rule Comparison

Cross-domain based Event Recommendation using Tensor Factorization

Empirical Analysis and Automated Classification of Security Bug Reports

Contact Info

Product

Resources

About