Abstract

Any vulnerability in software creates a security threat and helps hackers gain unauthorized access to resources. Vulnerability prediction models help software engineers allocate their resources effectively to find vulnerable classes in the software before it is delivered to customers. Vulnerable classes must be carefully reviewed by security experts and tested to identify potential threats that may arise in the future. In the present work, a novel technique based on the Grey wolf algorithm and Random forest is proposed for software vulnerability prediction. The Grey wolf algorithm is a metaheuristic technique, used here to select the best subset of features. The proposed technique is compared with other machine learning techniques. Experiments were performed on three publicly available datasets. It was observed that our proposed technique (GW-RF) outperformed all other techniques for software vulnerability prediction.

Highlights

  • A vulnerability is a weakness in the software that, when exploited, causes a security failure

  • A novel technique based on grey wolf algorithm and random forest is proposed for software vulnerability prediction

  • Software metrics are heavily used in literature to predict software maintainability and change (Bansal, 2017) and defect proneness (Gyimothy et al., 2005). Numerous studies have shown the relation between software architecture and structural software metrics like complexity, coupling, and cohesion (CCC). CCC metrics are very efficient in measuring the quality of software architecture (QSA), and QSA influences the quality of software


Summary

Introduction

A vulnerability is a weakness in the software that, when exploited, causes a security failure. It is difficult to detect vulnerabilities in software until they hinder its normal operation. Prediction of software vulnerability during the early stage of the life cycle is a promising approach. Software organizations perform security checks to avoid software failures, and the presence of vulnerabilities in the software may lead to software failures. A fault in the software specification, development, or configuration is a vulnerability if its execution results in a violation of security policy (McGraw & Potter, 2004). Software faults are defects or bugs in the software system, and vulnerabilities are those software faults which lead to security failure if exploited.
