Software Repositories and Machine Learning Research in Cyber Security

TL;DR

This paper explores how machine learning techniques can be applied to cyber security repositories to improve early vulnerability detection during software development, aiming to enhance automation and security.

Contribution

It introduces a comprehensive approach using various supervised machine learning methods to connect software requirements with vulnerabilities, advancing beyond previous unsupervised techniques.

Findings

Successful use of topic modeling and unsupervised ML for vulnerability detection

Proposed transition to supervised ML methods like SVM and neural networks

Potential for improved automation in identifying software vulnerabilities

Abstract

In today's rapidly evolving technological landscape and advanced software development, the rise in cyber security attacks has become a pressing concern. The integration of robust cyber security defenses has become essential across all phases of software development. It holds particular significance in identifying critical cyber security vulnerabilities at the initial stages of the software development life cycle, notably during the requirement phase. Through the utilization of cyber security repositories like The Common Attack Pattern Enumeration and Classification (CAPEC) from MITRE and the Common Vulnerabilities and Exposures (CVE) databases, attempts have been made to leverage topic modeling and machine learning for the detection of these early-stage vulnerabilities in the software requirements process. Past research themes have returned successful outcomes in attempting to automate vulnerability identification for software developers, employing a mixture of unsupervised machine learning methodologies such as LDA and topic modeling. Looking ahead, in our pursuit to improve automation and establish connections between software requirements and vulnerabilities, our strategy entails adopting a variety of supervised machine learning techniques. This array encompasses Support Vector Machines (SVM), Na\"ive Bayes, random forest, neural networking and eventually transitioning into deep learning for our investigation. In the face of the escalating complexity of cyber security, the question of whether machine learning can enhance the identification of vulnerabilities in diverse software development scenarios is a paramount consideration, offering crucial assistance to software developers in developing secure software.