Machine Learning for Source Code Vulnerability Detection: What Works and What Isn't There Yet

Tina Marjanov, Ivan Pashchenko, Fabio Massacci

Research output: Contribution to JournalArticleAcademicpeer-review

Abstract

We review machine learning approaches for detecting (and correcting) vulnerabilities in source code, finding that the biggest challenges ahead involve agreeing to a benchmark, increasing language and error type coverage, and using pipelines that do not flatten the code's structure.

Original languageEnglish
Pages (from-to)60-76
Number of pages17
JournalIEEE Security and Privacy
Volume20
Issue number5
Early online date17 Aug 2022
DOIs
Publication statusPublished - Oct 2022

Bibliographical note

Publisher Copyright:
© 2003-2012 IEEE.

Fingerprint

Dive into the research topics of 'Machine Learning for Source Code Vulnerability Detection: What Works and What Isn't There Yet'. Together they form a unique fingerprint.

Cite this