Compartir
Título
Collecting Vulnerable Source Code from Open-Source Repositories for Dataset Generation
Autor
Facultad/Centro
Área de conocimiento
Título de la revista
Applied Sciences
Número de la revista
4
Cita Bibliográfica
Raducu, R., Esteban, G., Rodríguez Lera, F. J., & Fernández, C. (2020). Collecting Vulnerable Source Code from Open-Source Repositories for Dataset Generation. Applied Sciences, 10(4), 1270. https://doi.org/10.3390/app10041270
Editorial
MDPI
Fecha
2020-02-13
Resumen
[EN] Different Machine Learning techniques to detect software vulnerabilities have emerged in scientific and industrial scenarios. Different actors in these scenarios aim to develop algorithms for predicting security threats without requiring human intervention. However, these algorithms require data-driven engines based on the processing of huge amounts of data, known as datasets. This paper introduces the SonarCloud Vulnerable Code Prospector for C (SVCP4C). This tool aims to collect vulnerable source code from open source repositories linked to SonarCloud, an online tool that performs static analysis and tags the potentially vulnerable code. The tool provides a set of tagged files suitable for extracting features and creating training datasets for Machine Learning algorithms. This study presents a descriptive analysis of these files and overviews current status of C vulnerabilities, specifically buffer overflow, in the reviewed public repositories
Materia
Palabras clave
Peer review
SI
ID proyecto
- info: eu-repo/granAgreement/AEI/Programa Estatal de I+D+I Orientada a los Retos de la Sociedad / RTI2018-100683-13-100/ES/DETECCION Y CARACTERIZACION AUTOMATICA DE PROBLEMAS DE CIBERSEGURIDAD EN PLATAFORMAS ROBOTICAS
URI
DOI
Versión del editor
Aparece en las colecciones
- Artículos [4694]
Ficheros en el ítem
Tamaño:
931.0
xmlui.dri2xhtml.METS-1.0.size-kilobytes
Formato:
Adobe PDF