Is newer always better?: The case of vulnerability prediction models

Publication Type
Conference Paper
Date Issued
2016-09
Language
English
Author(s)
Hovsepyan, Aram  
Scandariato, Riccardo  
Joosen, Wouter  
TORE-URI
http://hdl.handle.net/11420/14423
First published in
International Symposium on Empirical Software Engineering and Measurement  
Number in series
8/9
Article Number
a26
Citation
International Symposium on Empirical Software Engineering and Measurement 8/9: a26 (2016)
Contribution to Conference
10th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, ESEM 2016  
Publisher DOI
10.1145/2961111.2962612
Scopus ID
2-s2.0-84991627902
Publisher
ACM
ISBN
978-1-4503-4427-2
Finding security vulnerabilities in the source code as early as possible is becoming more and more essential. In this respect, vulnerability prediction models have the potential to help the security assurance activities by identifying code locations that deserve the most attention. In this paper, we investigate whether prediction models behave like milk (i.e., they turn with time) or wine (i.e., they improve with time) when used to predict future vulnerabilities. Our findings indicate that the recall values are largely in favor of predictors based on older versions. However, the better recall comes at the price of much higher file inspection ratio values.
Subjects
prediction models
Security vulnerabilities
MLE@TUHH
DDC Class
004: Computer Science