Why Is Static Application Security Testing Hard to Learn?

Cited by: 0
Authors
Krishnan, Padmanabhan [1 ]
Cifuentes, Cristina [2 ]
Li, Li [3 ]
Bissyande, Tegawende F. [4 ]
Klein, Jacques [5 ]
Affiliations
[1] Oracle Labs, Res, Brisbane, Qld 400, Australia
[2] Oracle Labs, Software Assurance, Brisbane, Qld 400, Australia
[3] Beihang Univ, Sch Software, Beijing 100191, Peoples R China
[4] Univ Luxembourg, L-1359 Luxembourg, Luxembourg
[5] Univ Luxembourg, Interdisciplinary Ctr Secur Reliabil & Trust, Software Engn & Software Secur, L-1359 Luxembourg, Luxembourg
Keywords
Privacy; Machine learning; Application security; Security; Testing;
DOI
10.1109/MSEC.2023.3287206
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812 ;
Abstract
In this article, we summarize our experience in combining program analysis with machine learning (ML) to develop a technique that can improve the development of specific program analyses. Our experience is negative. We describe the areas that need to be addressed if ML techniques are to be useful in the program analysis context. Most of the issues that we report are different from the ones that discuss the state of the art in the use of ML techniques to detect security vulnerabilities.
Pages: 68-72
Number of pages: 5