TY - GEN
T1 - Survey
T2 - 7th International Conference on Software Security and Assurance, ICSSA 2021
AU - Rizvi, Syed
AU - Moate, Miles
AU - Fisanick, Stephen
AU - McConnell, Erin
AU - Burns, Joseph
AU - Jens, Jeremy
AU - Stawski, Vita
N1 - Publisher Copyright:
©2021 IEEE.
PY - 2021
Y1 - 2021
N2 - In this day and age, there is a constant growth in technology and a flood of software and devices in the market. With this comes the need for security improvements. Software analysis alone can take substantial time, cost, and extraordinary talent. There is also a large repository of shared code available. Social coding is an avenue that plays into the reason of having a way to detect vulnerabilities, be it originally in the code or added into later, is even more of a concern. One possible way to assist in the process of vulnerability detection is the use of machine learning. Machine learning is something that has proved to be efficient, cost-effective, and beneficial so far in this aspect. With the use of static analysis, we think it is the future for software developers and analyzers. It is important to discuss where we are now with utilizing machine learning and where we can go. This paper provides the foundation to begin this discussion by developing an understanding of how machine learning algorithms are being used to detect vulnerabilities in software and their limitations.
AB - In this day and age, there is a constant growth in technology and a flood of software and devices in the market. With this comes the need for security improvements. Software analysis alone can take substantial time, cost, and extraordinary talent. There is also a large repository of shared code available. Social coding is an avenue that plays into the reason of having a way to detect vulnerabilities, be it originally in the code or added into later, is even more of a concern. One possible way to assist in the process of vulnerability detection is the use of machine learning. Machine learning is something that has proved to be efficient, cost-effective, and beneficial so far in this aspect. With the use of static analysis, we think it is the future for software developers and analyzers. It is important to discuss where we are now with utilizing machine learning and where we can go. This paper provides the foundation to begin this discussion by developing an understanding of how machine learning algorithms are being used to detect vulnerabilities in software and their limitations.
UR - http://www.scopus.com/inward/record.url?scp=85217275096&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85217275096&partnerID=8YFLogxK
U2 - 10.1109/ICSSA53632.2021.00017
DO - 10.1109/ICSSA53632.2021.00017
M3 - Conference contribution
AN - SCOPUS:85217275096
T3 - Proceedings - 2021 International Conference on Software Security and Assurance, ICSSA 2021
SP - 47
EP - 51
BT - Proceedings - 2021 International Conference on Software Security and Assurance, ICSSA 2021
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 10 November 2021 through 11 November 2021
ER -