author: | Samarjeet Patil |
title: | Automated Vulnerability detection in Java Source Code using Graph Neural Network |
keywords: | vulnerability |
topics: | Other |
committee: | Decebal Mocanu, Erik Tews, Marieke Huisman |
started: | March 2020 |
Description
Research and implement a system to tag, identify and report on security-relevant code in a codebase, for example by leveraging Abstract Syntax Tree parsing (beyond regular expressions). Code is marked both through automated code scanning (the obvious patterns) and through manual tagging (by an analyst during manual code review). The system could, for example, be implemented as an IDE plugin.
On average, 20% of a codebase is security-relevant. We envision a method/tool that helps our analysts capture this 20%, supporting and accelerating their ongoing security code-review work in Agile development environments.