2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR) 2019
DOI: 10.1109/msr.2019.00063
|View full text |Cite
|
Sign up to set email alerts
|

Automated Software Vulnerability Assessment with Concept Drift

Abstract: Software Engineering researchers are increasingly using Natural Language Processing (NLP) techniques to automate Software Vulnerabilities (SVs) assessment using the descriptions in public repositories. However, the existing NLP-based approaches suffer from concept drift. This problem is caused by a lack of proper treatment of new (out-of-vocabulary) terms for the evaluation of unseen SVs over time. To perform automated SVs assessment with concept drift using SVs' descriptions, we propose a systematic approach … Show more

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

2
19
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
3
2
1

Relationship

0
6

Authors

Journals

citations
Cited by 29 publications
(21 citation statements)
references
References 46 publications
2
19
0
Order By: Relevance
“…One such task that has been regularly investigated is severity prediction [5]. selected stage for prediction, e.g., for bug reports [9] or SV databases [18]. Through this RQ, we display the impacts on prediction performance that dataset selection can have, and hence motivate researchers to properly consider this issue.…”
Section: A Research Questionsmentioning
confidence: 99%
See 4 more Smart Citations
“…One such task that has been regularly investigated is severity prediction [5]. selected stage for prediction, e.g., for bug reports [9] or SV databases [18]. Through this RQ, we display the impacts on prediction performance that dataset selection can have, and hence motivate researchers to properly consider this issue.…”
Section: A Research Questionsmentioning
confidence: 99%
“…Older users may be better at assessing SVs. data as input [9], [18], to predict the normalized severity categories described in Table IV. Following these practices, we preprocessed text descriptions through removal of stop words (using the NLTK and sklearn stopword list) and punctuation, conversion to lowercase, and stemming.…”
Section: Reporter Profile Agementioning
confidence: 99%
See 3 more Smart Citations