NDLTD Global ETD Search
  • Refine Query
  • Source
  • Publication year
  • to
  • Language
  • No language data
  • Tagged with
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

Search results

Showing 1 to 1 of 1 (0.105 seconds)
1

Predicting vulnerability for requirements: A data-driven approach

Imtiaz, Sayem Mohammad 09 August 2019 (has links)
Being software security one of the primary concerns in the software engineering community, researchers are coming up with many preemptive approaches which are primarily designed to detect vulnerabilities in the post-implementation stage of the software development life-cycle (SDLC). While they have been shown to be effective in detecting vulnerabilities, the consequences are often expensive. Accommodating changes after detecting a bug or vulnerability in late stages of the SDLC is costly. On that account, in this thesis, we propose a novel framework to provide an additional measure of predicting vulnerabilities at earlier stages of the SDLC. To that end, we leverage state-of-the-art machine learning classification algorithms to predict vulnerabilities for new requirements. We also present a case study on a large open-source-software (OSS) system, Firefox, evaluating the effectiveness of the extended prediction module. The results demonstrate that the framework could be a viable augmentation to the traditional vulnerabilityighting tools.
information retrieval
machine learning
requirement traceability
software security
software vulnerability prediction

Page generated in 0.1103 seconds