On the Verification of Software Vulnerabilities During Static Code Analysis Using Data Mining Techniques

Cheirdari, Foteini; Karabatis, George

doi:10.1007/978-3-319-69459-7_7

Search citation statements

Order By: Relevance

Paper Sections

Select...

Data Mining Based Approaches1

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2019

2023

Publication Types

Select...

Article2

Other1

Relationship

Self Cite0

Independent3

Authors

Journals

Cited by 3 publications

(1 citation statement)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Then they use the patterns to filter false alerts. In [39], the authors use the Stochastic gradient descent (SGD) DM technique to reduce the complexity of finding patterns from important alerts set of several SAT's reports. Then, the authors use the Adaboost ML-based technique to create a stronger classifier trained from the SGD output.…”

Section: Data Mining Based Approachesmentioning

confidence: 99%

Software Security Static Analysis False Alerts Handling Approaches

Akremi¹

2021

IJACSA

View full text Add to dashboard Cite

False Positive Alerts (FPA), generated by Static Analyzers Tools (SAT), reduce the effectiveness of the automatic code review, letting them be underused in practice. Researchers conduct a lot of tests to improve SAT accuracy while keeping FPA at a lower rate. They use different simulated and production datasets to validate their proposed methods. This paper surveys recent approaches dealing with FPA filtering; it compares them and discusses their usefulness. It also studies the used datasets to validate the identified methods and show their effectiveness to cover most program defects. This study focuses mainly on the security bugs covered by the datasets and handled by the existing methods.

show abstract

Section: Data Mining Based Approachesmentioning

confidence: 99%