Using Machine Learning To Identify Software Weaknesses From Software Requirement Specifications

• URL: http://arxiv.org/abs/2308.05558v1
• Date: Thu, 10 Aug 2023 13:19:10 GMT
• Title: Using Machine Learning To Identify Software Weaknesses From Software Requirement Specifications
• Authors: Mounika Vanamala, Sean Loesch and Alexander Caravella
• Abstract summary: This research focuses on finding an efficient machine learning algorithm to identify software weaknesses from requirement specifications. Keywords extracted using latent semantic analysis help map the CWE categories to PROMISE_exp. Naive Bayes, support vector machine (SVM), decision trees, neural network, and convolutional neural network (CNN) algorithms were tested.
• Score: 49.1574468325115
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Secure software engineering is crucial but can be time-consuming; therefore, methods that could expedite the identification of software weaknesses without reducing the process efficacy would benefit the software engineering industry and thus benefit modern life. This research focuses on finding an efficient machine learning algorithm to identify software weaknesses from requirement specifications. The research uses the CWE repository and PROMISE exp dataset for training. Keywords extracted using latent semantic analysis help map the CWE categories to PROMISE_exp. Naive Bayes, support vector machine (SVM), decision trees, neural network, and convolutional neural network (CNN) algorithms were tested, with SVM and neural network producing reliable results. The research is unique contribution lies in the mapping technique and algorithm selection. It serves as a valuable reference for the secure software engineering community seeking to expedite the development lifecycle without compromising efficacy. Future work involves testing more algorithms, optimizing existing ones, and improving the training sets accuracy.

Related papers

• SCoPE: Evaluating LLMs for Software Vulnerability Detection [0.0]
  This work explores and refines the CVEFixes dataset, which is commonly used to train models for code-related tasks. The output generated by SCoPE was used to create a new version of CVEFixes. The results show that SCoPE successfully helped to identify 905 duplicates within the evaluated subset.
  arXiv  Detail & Related papers  (2024-07-19T15:02:00Z)
• Machine Learning aided Computer Architecture Design for CNN Inferencing Systems [0.0]
  We develop a technique for forecasting the power and performance of CNNs during inference, with a MAPE of 5.03% and 5.94%, respectively. Our approach empowers computer architects to estimate power and performance in the early stages of development, reducing the necessity for numerous prototypes.
  arXiv  Detail & Related papers  (2023-08-10T06:17:46Z)
• Genetic Micro-Programs for Automated Software Testing with Large Path Coverage [0.0]
  Existing software testing techniques focus on utilising search algorithms to discover input values that achieve high execution path coverage. This paper outlines a novel genetic programming framework, where the evolved solutions are not input values, but micro-programs that can repeatedly generate input values. We argue that our approach can be generalised such as to be applied to many different software systems, and is thus not specific to merely the particular software component on which it was trained.
  arXiv  Detail & Related papers  (2023-02-14T18:47:21Z)
• Quantization-aware Interval Bound Propagation for Training Certifiably Robust Quantized Neural Networks [58.195261590442406]
  We study the problem of training and certifying adversarially robust quantized neural networks (QNNs) Recent work has shown that floating-point neural networks that have been verified to be robust can become vulnerable to adversarial attacks after quantization. We present quantization-aware interval bound propagation (QA-IBP), a novel method for training robust QNNs.
  arXiv  Detail & Related papers  (2022-11-29T13:32:38Z)
• FPGA-optimized Hardware acceleration for Spiking Neural Networks [69.49429223251178]
  This work presents the development of a hardware accelerator for an SNN, with off-line training, applied to an image recognition task. The design targets a Xilinx Artix-7 FPGA, using in total around the 40% of the available hardware resources. It reduces the classification time by three orders of magnitude, with a small 4.5% impact on the accuracy, if compared to its software, full precision counterpart.
  arXiv  Detail & Related papers  (2022-01-18T13:59:22Z)
• Benchmarking the Accuracy and Robustness of Feedback Alignment Algorithms [1.2183405753834562]
  Backpropagation is the default algorithm for training deep neural networks due to its simplicity, efficiency and high convergence rate. In recent years, more biologically plausible learning methods have been proposed. BioTorch is a software framework to create, train, and benchmark biologically motivated neural networks.
  arXiv  Detail & Related papers  (2021-08-30T18:02:55Z)
• A comparative study of neural network techniques for automatic software vulnerability detection [9.443081849443184]
  Most commonly used method for detecting software vulnerabilities is static analysis. Some researchers have proposed to use neural networks that have the ability of automatic feature extraction to improve intelligence of detection. We have conducted extensive experiments to test the performance of the two most typical neural networks.
  arXiv  Detail & Related papers  (2021-04-29T01:47:30Z)
• Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
  In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique. The performance of the considered algorithms is evaluated using the ISCX 2012 dataset. Experimental results show the effectiveness of the proposed framework in term of accuracy rate, precision, low-false alarm rate, and recall.
  arXiv  Detail & Related papers  (2020-08-05T19:29:35Z)
• Machine Learning for Software Engineering: A Systematic Mapping [73.30245214374027]
  The software development industry is rapidly adopting machine learning for transitioning modern day software systems towards highly intelligent and self-learning systems. No comprehensive study exists that explores the current state-of-the-art on the adoption of machine learning across software engineering life cycle stages. This study introduces a machine learning for software engineering (MLSE) taxonomy classifying the state-of-the-art machine learning techniques according to their applicability to various software engineering life cycle stages.
  arXiv  Detail & Related papers  (2020-05-27T11:56:56Z)
• Spiking Neural Networks Hardware Implementations and Challenges: a Survey [53.429871539789445]
  Spiking Neural Networks are cognitive algorithms mimicking neuron and synapse operational principles. We present the state of the art of hardware implementations of spiking neural networks. We discuss the strategies employed to leverage the characteristics of these event-driven algorithms at the hardware level.
  arXiv  Detail & Related papers  (2020-05-04T13:24:00Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.