Abstract

Developing software applications that are free of vulnerabilities is a necessity, especially if these applications are intended to operate over the World Wide Web. As software development evolves quickly, the need has emerged for tools that can automatically detect vulnerabilities in software. The main challenge for these tools is providing high accuracy and low false positive or false negative rates. In this paper, we analyze how data mining techniques can be used to improve the quality of vulnerability detection. We start by discussing web application vulnerabilities along with the static detection approach and its limitations. Then we explore data mining techniques and their potential to improve vulnerability detection. The results of using such techniques in the literature are reviewed and discussed. In conclusion, we argue that the growing body of research utilizing data mining for vulnerability detection might give us a better detection alternative; however, several aspects need to be further investigated, including feature engineering, adaptive classifiers and feature selection.
