Abstract

Static Application Security Testing tools can be used in the industry to analyze and find potential security vulnerabilities in source code, as mandated by several industrial security standards such as the IEC 62.443. They can be easily integrated into programming environments and deployment pipelines and enable the early detection of security flaws. Our work focuses on static security vulnerability detection in C# code utilizing deep learning algorithms. We use a data set of 51 Common Weakness Enumeration identifiers widely used in the industry to train and test our models. Our results show that the method is viable for detecting and classifying source code vulnerabilities. We also compare the performance of our approach to open source tools and show that our method outperforms these. Our work contributes to understanding the effectiveness of deep learning algorithms in detecting security vulnerabilities in C# code. This work can also be used by researchers and industrial practitioners who wish to use deep learning methods to improve the security of their code.

Keywords: Machine learning security; Software and application security; Artificial intelligence security; Artificial neural networks; Deep learning; Static code analysis; Software vulnerabilities; Security in programming languages; Industry
