Vulnerability detection techniques and tools and their relationship to agile methods and software quality and service models

2019 ◽  
Author(s):  
Lígia Cássia M. C. Santos ◽  
Edmir Parada V. Prado ◽  
Marcos Lordello Chaim
Keyword(s):  
Software Quality ◽  
Agile Methods ◽  
Vulnerability Detection ◽  
Detection Techniques ◽  
Service Models

A Review on Machine-Learning Based Code Smell Detection Techniquesin Object-Oriented Software System(s)

2020 ◽  
Vol 13 ◽  
Author(s):  
Amandeep Kaur ◽  
Sushma Jain ◽  
Shivani Goel ◽  
Gaurav Dhiman
Keyword(s):  
Machine Learning ◽  
Programming Languages ◽  
Software Quality ◽  
Empirical Studies ◽  
Statistical Testing ◽  
Machine Learning Techniques ◽  
Support Vector ◽  
Code Smells ◽  
Detection Techniques ◽  
Code Smell

Context: Code smells are symptoms, that something may be wrong in software systems that can cause complications in maintaining software quality. In literature, there exists many code smells and their identification is far from trivial. Thus, several techniques have also been proposed to automate code smell detection in order to improve software quality. Objective: This paper presents an up-to-date review of simple and hybrid machine learning based code smell detection techniques and tools. Methods: We collected all the relevant research published in this field till 2020. We extracted the data from those articles and classified them into two major categories. In addition, we compared the selected studies based on several aspects like, code smells, machine learning techniques, datasets, programming languages used by datasets, dataset size, evaluation approach, and statistical testing. Results: Majority of empirical studies have proposed machine- learning based code smell detection tools. Support vector machine and decision tree algorithms are frequently used by the researchers. Along with this, a major proportion of research is conducted on Open Source Softwares (OSS) such as, Xerces, Gantt Project and ArgoUml. Furthermore, researchers paid more attention towards Feature Envy and Long Method code smells. Conclusion: We identified several areas of open research like, need of code smell detection techniques using hybrid approaches, need of validation employing industrial datasets, etc.

scholarly journals Instruction2vec: Efficient Preprocessor of Assembly Code to Detect Software Weakness with CNN

2019 ◽  
Vol 9 (19) ◽  
pp. 4086 ◽  
Author(s):  
Yongjun Lee ◽  
Hyun Kwon ◽  
Sang-Hoon Choi ◽  
Seung-Ho Lim ◽  
Sung Hoon Baek ◽  
...  
Keyword(s):  
Feature Extraction ◽  
Experimental Results ◽  
New Method ◽  
Binary Analysis ◽  
Vulnerability Detection ◽  
Security Vulnerabilities ◽  
Assembly Code ◽  
Detection Techniques ◽  
Software Vulnerabilities ◽  
Analysis Technique

Potential software weakness, which can lead to exploitable security vulnerabilities, continues to pose a risk to computer systems. According to Common Vulnerability and Exposures, 14,714 vulnerabilities were reported in 2017, more than twice the number reported in 2016. Automated vulnerability detection was recommended to efficiently detect vulnerabilities. Among detection techniques, static binary analysis detects software weakness based on existing patterns. In addition, it is based on existing patterns or rules, making it difficult to add and patch new rules whenever an unknown vulnerability is encountered. To overcome this limitation, we propose a new method—Instruction2vec—an improved static binary analysis technique using machine. Our framework consists of two steps: (1) it models assembly code efficiently using Instruction2vec, based on Word2vec; and (2) it learns the features of software weakness code using the feature extraction of Text-CNN without creating patterns or rules and detects new software weakness. We compared the preprocessing performance of three frameworks—Instruction2vec, Word2vec, and Binary2img—to assess the efficiency of Instruction2vec. We used the Juliet Test Suite, particularly the part related to Common Weakness Enumeration(CWE)-121, for training and Securely Taking On New Executable Software of Uncertain Provenance (STONESOUP) for testing. Experimental results show that the proposed scheme can detect software vulnerabilities with an accuracy of 91% of the assembly code.

Improving Agile Methods

2010 ◽  
pp. 189-231
Author(s):  
Barbara Russo ◽  
Marco Scotto ◽  
Alberto Sillitti ◽  
Giancarlo Succi
Keyword(s):  
Software Quality ◽  
Cost Estimation ◽  
Agile Methods ◽  
Empirical Validation ◽  
Anecdotal Evidence ◽  
Hard Data ◽  
Personal Opinion ◽  
On Line ◽  
Software Engineers ◽  
Scientific Value

Apart from personal experience, anecdotal evidence and demonstrations are still the most prevalent and diffused methods on which software engineers have to base their knowledge and decisions. Although – by searching on line databases such as the ACM1 or IEEE2 libraries – we find numerous papers for example on software quality or cost estimation many of them either do not perform any empirical validation at all (they are mostly experience reports or base ideas more on personal opinion than hard data) or the performed validation has limited scientific value

ION DETECTION TECHNIQUES APPLIED TO RYDBERG ATOMS IN EXTERNAL FIELDS

1983 ◽  
Vol 44 (C7) ◽  
pp. C7-193-C7-208 ◽  
Author(s):  
F. Penent ◽  
C. Chardonnet ◽  
D. Delande ◽  
F. Biraben ◽  
J. C. Gay
Keyword(s):  
Rydberg Atoms ◽  
External Fields ◽  
Ion Detection ◽  
Detection Techniques
Sign in / Sign up

Export Citation Format

Share Document