Sonnekalb, Tim and Heinze, Thomas and Mäder, Patrick (2021) Deep security analysis of program code - A systematic literature review. Empirical Software Engineering, 27 (1), pp. 1-39. Springer Nature. doi: 10.1007/s10664-021-10029-x. ISSN 1382-3256.
Official URL: https://link.springer.com/article/10.1007%2Fs10664-021-10029-x
Abstract
Due to the continuous digitalization of our society, distributed and web-based applications become omnipresent and making them more secure gains paramount relevance. Deep learning (DL) and its representation learning approach are increasingly being proposed for program code analysis, potentially providing a powerful means in making software systems less vulnerable. This systematic literature review (SLR) is aiming for a thorough analysis and comparison of 32 primary studies on DL-based vulnerability analysis of program code. We found a rich variety of proposed analysis approaches, code embeddings and network topologies. We discuss these techniques and alternatives in detail. By compiling commonalities and differences in the approaches, we identify the current state of research in this area and discuss future directions. We also provide an overview of publicly available datasets in order to foster a stronger benchmarking of approaches. This SLR provides an overview and starting point for researchers interested in deep vulnerability analysis on program code.
Item URL in elib: | https://elib.dlr.de/144811/
---|---
Document Type: | Article
Title: | Deep security analysis of program code - A systematic literature review
Authors: | Sonnekalb, Tim; Heinze, Thomas; Mäder, Patrick
Date: | 21 October 2021
Journal or Publication Title: | Empirical Software Engineering
Refereed publication: | Yes
Open Access: | Yes
Gold Open Access: | No
In SCOPUS: | Yes
In ISI Web of Science: | Yes
Volume: | 27
DOI: | 10.1007/s10664-021-10029-x
Page Range: | pp. 1-39
Publisher: | Springer Nature
Series Name: | Empirical Software Engineering
ISSN: | 1382-3256
Status: | Published
Keywords: | deep learning on code, security analysis, software security, vulnerability detection
HGF - Research field: | Aeronautics, Space and Transport
HGF - Program: | Space
HGF - Program Themes: | Space System Technology
DLR - Research area: | Space
DLR - Program: | R SY - Space System Technology
DLR - Research theme (Project): | R - Secure Software Technology
Location: | Jena
Institutes and Institutions: | Institute of Data Science > Secure Digital Systems; Institute of Data Science > IT-Security
Deposited By: | Sonnekalb, Tim
Deposited On: | 27 Oct 2021 15:44
Last Modified: | 27 Oct 2021 15:44