Towards a Knowledge Graph Based Approach for Vulnerable Code Weaknesses Identification / Vecellio Reane, Martina; Dall'Anese, Daniele; Lekeufack Foulefack, Rosmael Zidane; Marchetto, Alessandro. - (2025), pp. 159-166. (Paper presented at the 36th IFIP WG 6.1 International Conference on Testing Software and Systems (ICTSS 2024), held in London, October 30 - November 1, 2024) [10.1007/978-3-031-80889-0_11].

Towards a Knowledge Graph Based Approach for Vulnerable Code Weaknesses Identification

Marchetto, Alessandro
2025-01-01

Abstract

A large literature exists that investigates the use of learning models for vulnerabilities detection. Even if it is well-recognized that the presence of code weaknesses (CWEs) in code fragments can make them vulnerable, most of the effort has been spent to propose new models and methods for the early detection of vulnerable code in a dataset of code fragments. This paper reports a preliminary study conducted to adopt Knowledge Graphs (KGs) for detecting the presence of CWEs in the code. The proposed approach has been evaluated on two datasets and has shown interesting results.
2025
Testing Software and Systems
Cham (SW)
Springer Cham
9783031808883
9783031808890
Vecellio Reane, Martina; Dall'Anese, Daniele; Lekeufack Foulefack, Rosmael Zidane; Marchetto, Alessandro
Files in this item:

File: 3.pdf
Access: Archive managers only
Type: Publisher's version (Publisher's layout)
License: All rights reserved
Size: 194.88 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11572/445811