
Deep security analysis of program code - A systematic literature review

Sonnekalb, Tim and Heinze, Thomas and Mäder, Patrick (2021) Deep security analysis of program code - A systematic literature review. Empirical Software Engineering, 27 (1), pp. 1-39. Springer Nature. doi: 10.1007/s10664-021-10029-x. ISSN 1382-3256.


Official URL: https://link.springer.com/article/10.1007%2Fs10664-021-10029-x

Abstract

Due to the continuous digitalization of our society, distributed and web-based applications become omnipresent and making them more secure gains paramount relevance. Deep learning (DL) and its representation learning approach are increasingly being proposed for program code analysis, potentially providing a powerful means of making software systems less vulnerable. This systematic literature review (SLR) aims for a thorough analysis and comparison of 32 primary studies on DL-based vulnerability analysis of program code. We found a rich variety of proposed analysis approaches, code embeddings and network topologies. We discuss these techniques and alternatives in detail. By compiling commonalities and differences in the approaches, we identify the current state of research in this area and discuss future directions. We also provide an overview of publicly available datasets in order to foster a stronger benchmarking of approaches. This SLR provides an overview and starting point for researchers interested in deep vulnerability analysis on program code.

Item URL in elib: https://elib.dlr.de/144811/
Document Type: Article
Title: Deep security analysis of program code - A systematic literature review
Authors:
Authors | Institution or Email of Authors | Author's ORCID iD
Sonnekalb, Tim | UNSPECIFIED | https://orcid.org/0000-0002-0067-1790
Heinze, Thomas | UNSPECIFIED | https://orcid.org/0000-0001-8816-7013
Mäder, Patrick | UNSPECIFIED | https://orcid.org/0000-0001-6871-2707
Date: 21 October 2021
Journal or Publication Title: Empirical Software Engineering
Refereed publication: Yes
Open Access: Yes
Gold Open Access: No
In SCOPUS: Yes
In ISI Web of Science: Yes
Volume: 27
DOI: 10.1007/s10664-021-10029-x
Page Range: pp. 1-39
Publisher: Springer Nature
Series Name: Empirical Software Engineering
ISSN: 1382-3256
Status: Published
Keywords: deep learning on code, security analysis, software security, vulnerability detection
HGF - Research field: Aeronautics, Space and Transport
HGF - Program: Space
HGF - Program Themes: Space System Technology
DLR - Research area: Space
DLR - Program: R SY - Space System Technology
DLR - Research theme (Project): R - Secure Software Technology
Location: Jena
Institutes and Institutions: Institute of Data Science > Secure Digital Systems
Institute of Data Science > IT-Security
Deposited By: Sonnekalb, Tim
Deposited On: 27 Oct 2021 15:44
Last Modified: 27 Oct 2021 15:44
