Accession Number:

AD1083619

Title:

Automating Static Analysis Alert Handling with Machine Learning

Descriptive Note:

Technical Report

Corporate Author:

Carnegie Mellon University Software Engineering Institute Pittsburgh United States

Personal Author(s):

Report Date:

2018-01-01

Pagination or Media Count:

31.0

Abstract:

Contents include Overview Background Automatic Alert Classification Solution Lexicon And Rules Lexicon Audit Determinations Audit Rules Machine Learning with Static Analysis Audit Archives Data Used for Classifiers CERT-Audited Archives Characterization Archive sanitizer enabled collaborator data use Classifier Result Highlights Data All Sources Rapid Expansion of Alert Classification Overview Method, Approach, Validity Make Mappings Precise Test Suite Cross-Taxonomy Use Analysis of Juliet Test Suite Initial CWE Results Juliet Test Suite Classifiers Initial Results Hold-out Data.

Subject Categories:

  • Computer Programming and Software

Distribution Statement:

APPROVED FOR PUBLIC RELEASE