检索结果-内蒙古大学图书馆

A Systematic Literature Review on Automated software Vulnerability Detection Using Machine Learning

ACM COMPUTING SURVEYS 2025年第3期57卷 1-36页

作者： Harzevili, Nima shiri Belle, Alvine boaye Wang, Junjie Wang, Song Jiang, Zhen ming (jack) Nagappan, Nachiappan York Univ Elect Engn & Comp Sci Keele Campus Toronto ON Canada York Univ Elect Engn & Comp Sci Toronto ON Canada Chinese Acad Sci Inst Software Beijing Peoples R China Meta Seattle WA USA

In recent years, numerous Machine Learning (ML) models, including Deep Learning (DL) and classic ML models, have been developed to detect software vulnerabilities. However, there is a notable lack of comprehensive and systematic surveys that summarize, classify, and analyze the applications of these ML models in software vulnerability detection. This absence may lead to critical research areas being overlooked or underrepresented, resulting in a skewed understanding of the current state of the art in software vulnerability detection. To close this gap, we propose a comprehensive and systematic literature review that characterizes the different properties of ML-based software vulnerability detection systems using six major Research Questions (RQs). Using a custom web scraper, our systematic approach involves extracting a set of studies from four widely used online digital libraries: ACM Digital Library, IEEE Xplore, ScienceDirect, and Google Scholar. We manually analyzed the extracted studies to filter out irrelevant work unrelated to software vulnerability detection, followed by creating taxonomies and addressing RQs. Our analysis indicates a significant upward trend in applying ML techniques for software vulnerability detection over the past few years, with many studies published in recent years. Prominent conference venues include the international conference on software engineering (ICSE), the international Symposium on software Reliability engineering (ISSRE), the Mining software Repositories (MSR) conference, and the ACM international conference on the Foundations of software engineering (FSE), whereas Information and software technology (IST), Computers & Security (C&S), and Journal of Systems and software (JSS) are the leading journal venues. Our results reveal that 39.1% of the subject studies use hybrid sources, whereas 37.6% of the subject studies utilize benchmark data for software vulnerability detection. Code-based data are the most commonly used data t

关键词： Source code software security software vulnerability detection software bug detection machine learning deep learning

来源：评论

学校读者我要写书评

暂无评论

2023 IEEE 4th international Multidisciplinary conference on engineering technology, IMCET 2023

2023 IEEE 4th International Multidisciplinary Conference on ...

引用

4th IEEE international Multidisciplinary conference on engineering technology, IMCET 2023

ISBN: (纸本)9798350313826

The proceedings contain 49 papers. The topics discussed include: mixed-sensitivity controller design for a tethered UAV-buoy system;cost-effective tweet classification through transfer learning in low-resource NLP settings;comparing the effectiveness of EMG and electrical impedance myography measurements for controlling prosthetics;home automation system with IoT stack and ChatGPT for people with reduced mobility;detection and prevention of TCP DoS/DDoS attacks in software defined network;design of low cost mini CNC laser engraver;the modified hybrid multi-objective genetic algorithm and loss sensitivity factor for optimal siting and sizing of PV-based distributed generation in distribution networks;energy-efficient UAV-assisted cluster-based control messages relay system in IoT networks;and neural network to predict energy efficiency for space heating in residential buildings.

关键词：

来源：评论

学校读者我要写书评

暂无评论

2nd international conference on Science, engineering Management and Information technology, SEMIT 2023

2nd International Conference on Science, Engineering Managem...

引用

2nd international conference on Science, engineering Management and Information technology, SEMIT 2023

ISBN: (纸本)9783031722837

The proceedings contain 46 papers. The special focus in this conference is on Science, engineering Management and Information technology. The topics include: Verification and Validation of Knowledge engineering Systems: A Life Cycle Framework;The Critical Factors of Success of Gamification in Digital Banking Services: Using Analytic Hierarchy Process (AHP) Approach;e-Shopping Sites Preference Analysis with Multi-criteria Decision-Making Methods;advancing Anemia Diagnosis: Harnessing Machine Learning Methods for Accurate Detection;monkeypox Detection with K-mer Using Machine Learning Algorithms;cloud Computing Model for Handling Medical Big Data: A Mobile Hospital Pervasive Healthcare Application;Harnessing Advanced AI Techniques: An In-Depth Analysis of Machine Learning Models for Improved Diabetes Prediction;image Processing in Toxicology: A Systematic Review;augmented Reality Immersive World with Hologram Special Effect in Early Childhood Education;improving the Visual Ergonomics of Computerised Workplaces Through the Use of Specialised Eye-Rest software;a Diagnosis Model Based on Federated Learning for Lung Cancer Classification;Arrhythmia Detection from ECG Traces Images Using Transfer Learning Approach;enhancing Traffic Flow Prediction in Urban Areas Through Deep Learning and Probe Information: A Comparative Study;an Approach to Multi-agent Deep Q-Network Optimization of Signal Control in Multi-intersection Road Environments to Enhance Urban Traffic Flow;blockchain-Driven Smart Contracts: An Overview of Application Areas and Gap Identification in Construction Management Literature;stochastic Optimization Methodology for Production Planning with Uncertain Demand and Lead Time Based on the Digital Twin;role of Top Management Commitment and Information technology Investment in Digital Transformation;antecedents of Mobile Banking Apps Adoption Among Consumers in Ghana.

关键词：

来源：评论

学校读者我要写书评

暂无评论

2nd international conference on Science, engineering Management and Information technology, SEMIT 2023

2nd International Conference on Science, Engineering Managem...

引用

2nd international conference on Science, engineering Management and Information technology, SEMIT 2023

ISBN: (纸本)9783031722868

关键词：

来源：评论

学校读者我要写书评

暂无评论

SIET 2023 - Proceedings of the 8th international conference on Sustainable Information engineering and technology

SIET 2023 - Proceedings of the 8th International Conference ...

引用

8th international conference on Sustainable Information engineering and technology, SIET 2023

ISBN: (纸本)9798400708503

The proceedings contain 93 papers. The topics discussed include: AVIG: a real-time visual inspection for Guava grading system using computer vision and XGBoost;comparison of deep learning methods in detecting hate speech in Indonesian tweets;learning-augmented K-means clustering using dimensional reduction;optimization of relay node placement in wireless sensor networks (WSN) using A-Star algorithm for random, triangular and rectangular distribution pattern;face emotion recognition system of customer service Using CNN based on embedded system;implementation of fault-tolerance mechanism in quorum-based blockchain provisioning in cloud infrastructure using replication and monitoring protocols;comparative analysis of load balancing with shortest delay and least connection methods on software defined network;and the two types of module access patterns in LMS and their correlation with the students' evaluation.

关键词：

来源：评论

学校读者我要写书评

暂无评论

2023 6th international conference on Vocational Education and Electrical engineering: Integrating Scalable Digital Connectivity, Intelligence Systems, and Green technology for Education and Sustainable Community Development, ICVEE 2023 - Proceeding

2023 6th International Conference on Vocational Education an...

引用

6th international conference on Vocational Education and Electrical engineering, ICVEE 2023

ISBN: (纸本)9798350326642

The proceedings contain 66 papers. The topics discussed include: a prototype development and implementation of a fast lithium battery packs active on-load balancing system;Covid-19 early diagnosis based on transfer learning and modified CNN architecture;a study of audio-to-text conversion software using whispers model;a random forest algorithm for predicting computer programming skill associated with learning styles;an investigation of running load comparisons of ARCore on native android and unity for outdoor navigation system using smartphone;implementation of convolutional neural network in the development of object recognition system;design and implementation of 2-DOF arm manipulator robot as robotic kinematic learning platform;performance prediction and waveform properties of passive coherent location radar systems in the Tarakan area;and a cross-platform implementation of indoor navigation system using unity and smartphone INSUS.

关键词：

来源：评论

学校读者我要写书评

暂无评论

international conference on Advances in Communication technology and Computer engineering, ICACTCE 2023

International Conference on Advances in Communication Techno...

引用

international conference on Advances in Communication technology and Computer engineering, ICACTCE 2023

ISBN: (纸本)9783031371639

The proceedings contain 54 papers. The special focus in this conference is on international conference on Advances in Communication technology and Computer engineering. The topics include: Integration of a UHF Fractal Antenna into a 1U CubeSat for Low-Earth Orbit Mission;gesture Recognition Based Virtual Mouse and Keyboard;QCNN—A Conceptual Framework for Duplicate Removal in Big Data Using Quality Assured Crowd Sourcing Coupled with Neural Networks;Evaluation of Text Classification Using Support Vector Machine Compare with Naive Bayes, Random Forest Decision Tree and K-NN;a Review on Blockchain Smart Contract Applications;Factors Impacting a UK Based software Business on international Expansion;predicting Fish Habitat in the Persian Gulf Using Artificial Intelligence;junk Mail Content Detection Using Logistic Regression Algorithm;research Protocol for a Preliminary Evaluation of a Gamified Tool for Adult Wellbeing;initial Evaluation of a Mobile Therapeutic Game for Adolescent Anxiety Disorders;help over Harm: Practical and Ethical Considerations for the Evaluation and Deployment of Therapeutic Games;comparative Analysis on the Use of Teleconsultation Using Support: Vector Regression and Decision Tree Regression to Predict Patient Satisfaction;bibliometric Analysis of Scientific Literature on Mental Health Research in Africa;new Technologies and Interventions to Improve the Mental Health of People with Diabetes;robotics Cyber Security Issues;Improving Data Centre Power Efficiency by Applying the VM Consolidation Approach;development and Evaluation of "Perspective: Counselling Simulator": A Gamified Tool for Developing Risk-Assessment Skills in Trainee Counsellors;Online Buying Behaviour of UK University Students;multi-modal Sentiment Analysis Using Text and Audio for Customer Support Centers;preface.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Bibliometric and Content Analysis of Large Language Models Research in software engineering: The Potential and Limitation in software engineering

引用

international Journal of Advanced Computer Science and Applications 2025年第4期16卷 344-356页

作者： Damayanti, Annisa Dwi Gani, Hamdan Zhipeng, Feng Gani, Helmy Zuhriyah, Sitti Nurani Djabir, St. Nurhayati Wardani, Nur Ilmiyanti Department of Environmental Engineering Faculty of Engineering Hasanuddin University Makassar Indonesia Department of Machinery Automation System ATI Makassar Polytechnic Makassar Indonesia School of Culture Creativity and Media Hangzhou Normal University Zhejiang Hangzhou China Department of Industrial Hygiene Faculty of Public Health Occupational Health and Safety Makassar College of Health Sciences Indonesia Department of Computer System Universitas Handayani Makassar Makassar Indonesia Department of Information Systems and Technology Institut Teknologi dan Bisnis Nobel Indonesia Jl. Sultan Alauddin No.212 Makassar90221 Indonesia Department of Informatics Engineering Universitas Handayani Makassar Makassar Indonesia

Large Language Models (LLM) is a type of artificial neural network that excels at language-related tasks. The advantages and disadvantages of using LLM in software engineering are still being debated, but it is a tool that can be utilized in software engineering. This study aimed to analyze LLM studies in software engineering using bibliometric and content analysis. The study data were retrieved from Web of Science and Scopus. The data were analyzed using two popular bibliometric approaches: bibliometric and content analysis. VOS Viewer and Bibliometrix software were used to conduct the bibliometric analysis. The bibliometric analysis was performed using science mapping and performance analysis approaches. Various bibliometric data, including the most frequently referenced publications, journals, and nations, were evaluated and presented. Then, the synthetic knowledge method was utilized for content analysis. This study examined 235 papers, with 836 authors contributing. The publications were published in 123 different journals. The average number of citations per publication is 1.44. Most publications were published in Proceedings international conference on software engineering and ACM international conference Proceeding Series, with China and the United States emerging as the leading countries. It was discovered that international collaboration on the issue was inadequate. The most often used keywords in the publications were "software design," "code (symbols)," and "code generation." Following the content analysis, three themes emerged: 1) Integration of LLM into software engineering education, 2) application of LLM in software engineering, and 3) potential and limitation of LLM in software engineering. The results of this study are expected to provide researchers and academics with insights into the current state of LLM in software engineering research, allowing them to develop future conclusions. © (2025), (Science and Information Organization). All Rights Res

关键词： software design

来源：评论

学校读者我要写书评

暂无评论

Case Study Based Pedagogical Intervention for Teaching software engineering Ethics 36

Case Study Based Pedagogical Intervention for Teaching Softw...

引用

36th international conference on software engineering Education and Training (CSEE and T)

作者： Johri, Aditya Hingle, Ashish George Mason Univ Informat Sci & Technol Fairfax VA 22030 USA

ISBN: (纸本)9798350378986;9798350378979

The omnipresence of software systems across all aspects of society has necessitated that future technology professionals are aware of ethical concerns raised by the design and development of software and are trained to minimize harm by undertaking responsible engineering. This need has become even more urgent with artificial intelligence (AI) driven software deployment. In this paper we present a study of an interactive pedagogical intervention - role-play case studies - designed to teach undergraduate technology students about ethics with a focus on software systems. Drawing on the situated learning perspective from the Learning Sciences, we created case studies, associated stakeholder roles, discussion scripts, and pre and post discussion assignments to guide students' learning. Open-ended data was collected from thirty-nine students and analyzed qualitatively. Findings from the study show that by taking on different perspectives on a problem, students were able to identify a range of ethical issues and understand the role of the software system process holistically, taking context, complexity, and trade-offs into account. In their discussion and reflections, students deliberated the role of software in society and the role of humans in automation. The curricula, including case studies, are publicly available for implementation.

关键词： software engineering ethics ethics education case studies role plays situated learning

来源：评论

学校读者我要写书评

暂无评论

technology Acquisition Plans to Foster Supply Chain Risk Management Learning Outcomes in Project-Based software Development Courses 36

Technology Acquisition Plans to Foster Supply Chain Risk Man...

引用

36th international conference on software engineering Education and Training (CSEE and T)

作者： Tenbergen, Bastian Mead, Nancy R. SUNY Coll Oswego Dept Comp Sci Oswego NY 13126 USA Carnegie Mellon Univ SEI Fellow IEEE Life Fellow Pittsburgh PA 15213 USA

ISBN: (纸本)9798350378986;9798350378979

From theory and technical skills to self-management and interpersonal skills, and to role-specific knowledge such as DevOps or Requirements engineering, students struggle to become proficient in all aspects to software engineering before graduating, while instructors struggle to prepare students for industry. Project-based instruction has become a de-facto standard to teach skills and knowledge. Many project-based courses focus on implementation, wherein students tend to adopt third-party technologies without critical reflection. This leads to insufficient knowledge about supply chain risk management (SCRM). The result is that students are inadequately prepared to handle risks to project success due to third-party acquisitions, including usage rights, introduction of security vulnerabilities, or their ability to identify and mitigate acquisition risks. In this paper, we present a capstone-style project-based course to deliver an industry-realistic and teamwork-centric software development approach. We propose incorporating technology Acquisition Plans, which are based on an existing SCRM curriculum, and add acquisition planning, bidding, and risk monitoring activities to the project and development activities. Empirical evaluation and classroom observations show that while students' ability to justify the need for third-party acquisitions remains the same, self-reported ability to evaluate and bid on alternatives is improved. Furthermore, statistically significant improvement can be seen in areas pertaining to risk monitoring, problem detection, and problem resolution.

关键词： software engineering education supply chain risk management SCRM software acquisition team management project-based learning technology acquisition plans

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：