
Deep security analysis of program code - A systematic literature review

Sonnekalb, Tim and Heinze, Thomas and Mäder, Patrick (2021) Deep security analysis of program code - A systematic literature review. Empirical Software Engineering, 27 (1), pp. 1-39. Springer Nature. doi: 10.1007/s10664-021-10029-x. ISSN 1382-3256.


Official URL: https://link.springer.com/article/10.1007%2Fs10664-021-10029-x


Due to the continuous digitalization of our society, distributed and web-based applications become omnipresent and making them more secure gains paramount relevance. Deep learning (DL) and its representation learning approach are increasingly being proposed for program code analysis, potentially providing a powerful means in making software systems less vulnerable. This systematic literature review (SLR) is aiming for a thorough analysis and comparison of 32 primary studies on DL-based vulnerability analysis of program code. We found a rich variety of proposed analysis approaches, code embeddings and network topologies. We discuss these techniques and alternatives in detail. By compiling commonalities and differences in the approaches, we identify the current state of research in this area and discuss future directions. We also provide an overview of publicly available datasets in order to foster a stronger benchmarking of approaches. This SLR provides an overview and starting point for researchers interested in deep vulnerability analysis on program code.

Item URL in elib: https://elib.dlr.de/144811/
Document Type: Article
Title: Deep security analysis of program code - A systematic literature review
Authors | Institution or Email of Authors | Author's ORCID iD | ORCID Put Code
Sonnekalb, Tim | UNSPECIFIED | https://orcid.org/0000-0002-0067-1790 | UNSPECIFIED
Heinze, Thomas | UNSPECIFIED | https://orcid.org/0000-0001-8816-7013 | UNSPECIFIED
Mäder, Patrick | UNSPECIFIED | https://orcid.org/0000-0001-6871-2707 | UNSPECIFIED
Date: 21 October 2021
Journal or Publication Title: Empirical Software Engineering
Refereed publication: Yes
Open Access: Yes
Gold Open Access: No
In ISI Web of Science: Yes
Page Range: pp. 1-39
Publisher: Springer Nature
Series Name: Empirical Software Engineering
Keywords: deep learning on code, security analysis, software security, vulnerability detection
HGF - Research field: Aeronautics, Space and Transport
HGF - Program: Space
HGF - Program Themes: Space System Technology
DLR - Research area: Space
DLR - Program: R SY - Space System Technology
DLR - Research theme (Project): R - Secure Software Technology
Location: Jena
Institutes and Institutions: Institute of Data Science > Secure Digital Systems
Institute of Data Science > IT-Security
Deposited By: Sonnekalb, Tim
Deposited On: 27 Oct 2021 15:44
Last Modified: 27 Oct 2021 15:44
