Automated Analysis of Source Code Patches using Machine Learning Algorithms

Castro Lechtaler, Antonio; Liporace, Julio César; Cipriano, Marcelo; García, Edith; Maiorano, Ariel; Malvacio, Eduardo; Tapia, Néstor
Publication year
Resource type
conference document
Published version
An updated version of a tool for automated analysis of source code patches and branch differences is presented. The upgrade involves the use of machine learning techniques on source code, comments, and messages. It aims to help analysts, code reviewers, or auditors perform repetitive tasks continuously. The environment designed encourages collaborative work. It systematizes certain tasks pertaining to reviewing or auditing processes. Currently, the scope of the automated test is limited. Current work aims to increase the volume of source code analyzed per time unit, letting users focus on automatically generated alerts. The tool is distributed as open source software. This work also aims to provide arguments in support of the use of this type of tool. A brief overview of security problems in open source software is presented. It is argued that these problems were or may have been discovered by reviewing patches and branch differences released before the vulnerability was disclosed.
IV Workshop de Seguridad Informática (WSI)
Red de Universidades con Carreras en Informática (RedUNCI)
Computer Science
Data mining
text mining
software quality
patch analysis
Access level
Open access
Creative Commons Attribution-NonCommercial-ShareAlike 2.5 Argentina (CC BY-NC-SA 2.5)
Universidad Nacional de La Plata
OAI Identifier