Machine Learning for Source Code Vulnerability Detection: What Works and What Isn't There Yet / Marjanov, Tina; Pashchenko, Ivan; Massacci, Fabio. - In: IEEE SECURITY & PRIVACY. - ISSN 1540-7993. - 20:5(2022), pp. 60-76. [10.1109/MSEC.2022.3176058]

Machine Learning for Source Code Vulnerability Detection: What Works and What Isn't There Yet

Ivan Pashchenko; Fabio Massacci
2022-01-01

Abstract

We review machine learning approaches for detecting (and correcting) vulnerabilities in source code, finding that the biggest challenges ahead involve agreeing to a benchmark, increasing language and error type coverage, and using pipelines that do not flatten the code’s structure.
Sector ING-INF/05 - Information Processing Systems
Sector IINF-05/A - Information Processing Systems
Marjanov, Tina; Pashchenko, Ivan; Massacci, Fabio
Files in this item:
File: Machine_Learning_for_Source_Code_Vulnerability_Detection_What_Works_and_What_Isnt_There_Yet.pdf
Access: open access
Description: Final article
Type: Publisher's version (Publisher’s layout)
License: Creative Commons
Size: 1.24 MB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11572/445490
Citations
  • PMC ND
  • Scopus 26
  • ISI 20
  • OpenAlex 28