Predicting Software Vulnerabilities Using Topic Modeling with Issues

Fatma Gul Bulut, Haluk Altunel, Ayse Tosun

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

7 Citations (Scopus)

Abstract

The existence of software vulnerabilities is an indicator of the reliability and safety of software products. Software vulnerabilities can be predicted using metrics derived from developers, organization, code and textual data. In this work, we aim to predict software vulnerabilities using issue records in two different datasets. The first dataset consists of six months of issue records collected in a corporate company, whereas the second dataset consists of Wireshark project bug records from 2017 to 2018. Prediction models were established using six different machine learning algorithms, for which the textual descriptions of issue records were converted into topic models. A regression model was established for the corporate company, in which the textual descriptions of issue records were used as the input and the number of vulnerabilities was used as the output of the model. A classification model was established for the Wireshark dataset, in which the textual descriptions of bug records were used as the input of the model and the class (vulnerability-prone or not) was used as the output. The best regression model results are 0.23, 0.30, 0.44 MdMRE values, respectively. The best classification model result is a 74% recall score.

Original language: English
Title of host publication: UBMK 2019 - Proceedings, 4th International Conference on Computer Science and Engineering
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 739-744
Number of pages: 6
ISBN (Electronic): 9781728139647
Publication status: Published - Sept 2019
Event: 4th International Conference on Computer Science and Engineering, UBMK 2019 - Samsun, Turkey
Duration: 11 Sept 2019 - 15 Sept 2019

Publication series

Name: UBMK 2019 - Proceedings, 4th International Conference on Computer Science and Engineering

Conference

Conference: 4th International Conference on Computer Science and Engineering, UBMK 2019
Country/Territory: Turkey
City: Samsun
Period: 11/09/19 - 15/09/19

Bibliographical note

Publisher Copyright:
© 2019 IEEE.

Keywords

  • bug report
  • issue record
  • software vulnerability prediction
  • textual description
  • topic modeling
