Lessons Learned from Using a Deep Tree-Based Model for Software Defect Prediction in Practice

Dam, Hoa Khanh; Pham, Trang; Ng, Shien Wee; Tran, Truyen; Grundy, John; Ghose, Aditya; Kim, Taeksu; Kim, Chul-Joo

doi:10.1109/msr.2019.00017

Cited by 130 publications

(99 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A recent development is to exploit deep learning, which has a great potential in reducing the burden on human experts for defining features. VulDeePecker [13] is the first system using deep learning to detect vulnerabilities at slice-level, while noting that there are also related studies on using deep learning for vulnerability discovery at the function level [14], [51], defect prediction [15] and related tasks [16]. Above systems are binary classifiers by telling whether a piece of code is vulnerable or not.…”

Section: Pattern-based Vulnerability Detectionmentioning

confidence: 99%

“…These solutions reduce the workload on human experts because they only need to roughly define features for learning machine learning-based models that can detect vulnerabilities, rather than defining vulnerability patterns manually. Compared with traditional machine learning techniques, researchers have started using deep learning for detecting vulnerabilities [13], [14] and software defects [15], [16].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

Zou

Wang

et al. 2019

IEEE Trans. Dependable and Secure Comput.

156

View full text Add to dashboard Cite

Fine-grained software vulnerability detection is an important and challenging problem. Ideally, a detection system (or detector) not only should be able to detect whether or not a program contains vulnerabilities, but also should be able to pinpoint the type of a vulnerability in question. Existing vulnerability detection methods based on deep learning can detect the presence of vulnerabilities (i.e., addressing the binary classification or detection problem), but cannot pinpoint types of vulnerabilities (i.e., incapable of addressing multiclass classification). In this paper, we propose the first deep learning-based system for multiclass vulnerability detection, dubbed µVulDeePecker. The key insight underlying µVulDeePecker is the concept of code attention, which can capture information that can help pinpoint types of vulnerabilities, even when the samples are small. For this purpose, we create a dataset from scratch and use it to evaluate the effectiveness of µVulDeePecker. Experimental results show that µVulDeePecker is effective for multiclass vulnerability detection and that accommodating control-dependence (other than data-dependence) can lead to higher detection capabilities.

show abstract

Section: Pattern-based Vulnerability Detectionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

Zou

Wang

et al. 2019

IEEE Trans. Dependable and Secure Comput.

156

View full text Add to dashboard Cite

show abstract

“…A method is suggested for estimating defectiveness of source code by Kapur and Sodhi [21]. Dam et al [22] introduced a deep tree-based model for software defect prediction.…”

Section: B Code Miningmentioning

confidence: 99%

Actionable Analytics on Software Requirement Specifications

Bamizadeh*,

Kumar,

Kumar

et al. 2020

IJRTE

View full text Add to dashboard Cite

The volume of data and need for churning this data to provide useful information has increased the scope of data mining and made it promising in recent years. Software intelligence (SI) (as the future of the mining software engineering data) presents theories and techniques to augment software decision making by using fact-based support systems. SI exposes software practitioners to up-to-date and relevant information to support their daily decision activities over the complete software development life cycle. Software documents contain important information for a plenty of software engineering tasks and one such important document is Software requirement specification (SRS) which details the system and user requirements. Inexplicit, ambiguous or imperfect requirements guide leads to a non-acceptable product by users. Constructing of a strong software specification can be supported by building a semantic space, validating new specification for completeness, categorization of software requirement specification and identification of significant concepts and related keywords. This paper proposes a knowledge management system for software document repositories using data analytics and demonstrates its creation and usage for a document set of software requirement specifications

show abstract

“…Most of the software defect prediction techniques focus on complexity software metrics of the defective code. These techniques do not capture different levels of source code semantics which are vital elements for constructing a good prediction models [14]. So, Hoa Khanh Dam et al developed a novel prediction model that can learn the features that represent a source code automatically and can be used for prediction.…”

Section: Literature Surveymentioning

confidence: 99%

“…So, Hoa Khanh Dam et al developed a novel prediction model that can learn the features that represent a source code automatically and can be used for prediction. They applied Long Short Term Memory (LSTM) and deep learning techniques [14] for capturing features like structure of programs and their semantic information. Jian.…”

Section: Literature Surveymentioning

confidence: 99%

Software Defect Prediction u sing Support Vectorised Data and Intelligent Techniques

Kumar*,

Prasad

2020

IJITEE

View full text Add to dashboard Cite

Software enhances the working capability of any business. Developing such a software entrusts the developing organization to build defect free software. In this context we have used PC1 dataset(NASA dataset) which has sufficient parameters for analysis. Intelligent techniques using different methodologies have been applied exhaustively on the PC1 data to find out the best intelligent technique for software defect. As the PC1 data is highly imbalanced data, there was biasness in the prediction of the intelligent techniques. Hence, to overcome this issue, in this paper we tried to propose best balancing method along with the intelligent technique to predict the software defect accurately.

show abstract

Lessons Learned from Using a Deep Tree-Based Model for Software Defect Prediction in Practice

Cited by 130 publications

References 31 publications

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection

Actionable Analytics on Software Requirement Specifications

Software Defect Prediction u sing Support Vectorised Data and Intelligent Techniques

Contact Info

Product

Resources

About