TUHH Open Research
Predicting vulnerable components: Software metrics vs text mining

Publication Type
Conference Paper
Date Issued
2014-11
Language
English
Author(s)
Walden, James  
Stuckman, Jeffrey  
Scandariato, Riccardo  
TORE-URI
http://hdl.handle.net/11420/14885
Start Page
23
End Page
33
Article Number
6982351
Citation
Proceedings - International Symposium on Software Reliability Engineering, ISSRE: 6982351, 23-33 (2014-12-11)
Contribution to Conference
25th IEEE International Symposium on Software Reliability Engineering, ISSRE 2014  
Publisher DOI
10.1109/ISSRE.2014.32
Scopus ID
2-s2.0-84928669827
Publisher
IEEE
Building secure software is difficult, time-consuming, and expensive. Prediction models that identify vulnerability-prone software components can be used to focus security efforts, thus helping to reduce the time and effort required to secure software. Several kinds of vulnerability prediction models have been proposed over the course of the past decade. However, these models were evaluated with differing methodologies and datasets, making it difficult to determine the relative strengths and weaknesses of different modeling techniques. In this paper, we provide a high-quality, public dataset, containing 223 vulnerabilities found in three web applications, to help address this issue. We used this dataset to compare vulnerability prediction models based on text mining with models using software metrics as predictors. We found that text mining models had higher recall than software-metrics-based models for all three applications.
Subjects
MLE@TUHH
DDC Class
004: Computer Science