Predicting Vulnerabilities in Computer Source Code Using Non-Investigated Software Metrics

被引：0

作者：

Agbenyegah, Francis Kwadzo ^{[1
,2
]}

Chen, Jinfu ^{[2
]}

Asante, Micheal ^{[3
]}

Akpaku, Ernest ^{[2
]}

机构：

[1] Jiangsu Univ, Sch Comp Sci & Commun Engn, Zhenjiang, Peoples R China

[2] Ghana Commun Technol Univ, Fac Comp & Informat Syst, Dept Informat Technol, Accra, Ghana

[3] Kwame Nkrumah Univ Sci & Technol, Dept Comp Sci, Kumasi, Ghana

来源：

SOFTWARE QUALITY JOURNAL | 2025年 / 33卷 / 01期

关键词：

Vulnerability; Software metrics; Deep Learning; Machine Learning; Vulnerability Prediction;

D O I：

10.1007/s11219-025-09715-6

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Flaws in the design of the computer systems, bugs, and vulnerabilities cause failures in computer systems. Various techniques such as machine learning and deep learning algorithms are used to predict and detect vulnerabilities. Such techniques use text mining and software metrics as features set in the building and training of the predictive model. This paper investigates the impact of the non-investigated software metrics and the known software metrics in predicting the availability of bugs in software source code. The deep learning algorithm used in the design of the predictive model includes the Inception model, which is a variant of convolutional neural network, attention-based multilayer perceptron, and long short-term memory. The experimental results show that known and non-investigated or new software metrics are not ideal for vulnerability prediction in source code.

引用

页数：18

共 50 条

[1] Predicting Security Vulnerabilities using Source Code Metrics
Ganesh, Sundarakrishnan
Ohlsson, Tobias
Palma, Francis
PROCEEDINGS OF THE 2021 SWEDISH WORKSHOP ON DATA SCIENCE (SWEDS), 2021,
[2] Are Source Code Metrics "Good Enough" in Predicting Security Vulnerabilities?
Ganesh, Sundarakrishnan
Palma, Francis
Olsson, Tobias
DATA, 2022, 7 (09)
[3] Deep Learning for Software Vulnerabilities Detection Using Code Metrics
Zagane, Mohammed
Abdi, Mustapha Kamel
Alenezi, Mamdouh
IEEE ACCESS, 2020, 8 : 74562 - 74570
[4] A New Approach to Locate Software Vulnerabilities Using Code Metrics
Zagane, Mohammed
Abdi, Mustapha Kamel
Alenezi, Mamdouh
INTERNATIONAL JOURNAL OF SOFTWARE INNOVATION, 2020, 8 (03) : 82 - 95
[5] Data stream mining for predicting software build outcomes using source code metrics
Finlay, Jacqui
Pears, Russel
Connor, Andy M.
INFORMATION AND SOFTWARE TECHNOLOGY, 2014, 56 (02) : 183 - 198
[6] Predicting the Maintainability of Open Source Software Using Design Metrics
ZHOU Yuming1
2. Department of Computing
3. Jiangsu Institute of Software Quality
Wuhan University Journal of Natural Sciences, 2008, (01) : 14 - 20
[7] Source Code Metrics for Software Defects Prediction
Rebro, Dominik Arne
Rossi, Bruno
Chren, Stanislav
38TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, SAC 2023, 2023, : 1469 - 1472
[8] From source code to runtime behaviour: Software metrics help to select the computer architecture
Eichinger, Frank
Kramer, David
Boehm, Klemens
Karl, Wolfgang
KNOWLEDGE-BASED SYSTEMS, 2010, 23 (04) : 343 - 349
[9] A Software quality evaluation method using the change of source code metrics
Nakamura, Mitsuhiro
Hamagami, Tomoki
23RD IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING WORKSHOPS (ISSRE 2012), 2012, : 65 - 69
[10] Using Source Code Metrics for Predicting Metamorphic Relations at Method Level
Duque-Torres, Alejandra
Pfahl, Dietmar
Klammer, Claus
Fischer, Stefan
Proceedings - 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering, SANER 2022, 2022, : 1147 - 1154

← 1 2 3 4 5 →