Theses and Dissertations
Issuing Body
Mississippi State University
Advisor
Bhowmik, Tanmay
Committee Member
Iannucci, Stefano
Committee Member
Crumpton, Joseph J.
Committee Member
Jankun-Kelly, T. J.
Committee Member
Keith, Jason M.
Date of Degree
8-9-2019
Original embargo terms
Visible to MSU only for 3 years
Document Type
Graduate Thesis - Open Access
Major
Computer Science
Degree Name
Master of Science
Degree Name
Master of Science (M.S.)
College
James Worth Bagley College of Engineering
College
James Worth Bagley College of Engineering
Department
Department of Computer Science and Engineering
Department
Department of Computer Science and Engineering
Abstract
Being software security one of the primary concerns in the software engineering community, researchers are coming up with many preemptive approaches which are primarily designed to detect vulnerabilities in the post-implementation stage of the software development life-cycle (SDLC). While they have been shown to be effective in detecting vulnerabilities, the consequences are often expensive. Accommodating changes after detecting a bug or vulnerability in late stages of the SDLC is costly. On that account, in this thesis, we propose a novel framework to provide an additional measure of predicting vulnerabilities at earlier stages of the SDLC. To that end, we leverage state-of-the-art machine learning classification algorithms to predict vulnerabilities for new requirements. We also present a case study on a large open-source-software (OSS) system, Firefox, evaluating the effectiveness of the extended prediction module. The results demonstrate that the framework could be a viable augmentation to the traditional vulnerabilityighting tools.
URI
https://hdl.handle.net/11668/14520
Recommended Citation
Imtiaz, Sayem Mohammad, "Predicting vulnerability for requirements: A data-driven approach" (2019). Theses and Dissertations. 3602.
https://scholarsjunction.msstate.edu/td/3602