loading page

Predicting Software Vulnerability Based on Software Metrics: A Deep Learning Approach
  • +2
  • Francis Kwadzo Agbenyegah,
  • Jinfu Chen,
  • Michael Asante,
  • Ernest Akpaku,
  • Jingyi Chen
Francis Kwadzo Agbenyegah
Jiangsu University School of Computer Science and Communication Engineering
Author Profile
Jinfu Chen
Jiangsu University School of Computer Science and Communication Engineering

Corresponding Author:[email protected]

Author Profile
Michael Asante
Kwame Nkrumah University of Science and Technology
Author Profile
Ernest Akpaku
Jiangsu University School of Computer Science and Communication Engineering
Author Profile
Jingyi Chen
Jiangsu University School of Computer Science and Communication Engineering
Author Profile

Abstract

Failures in computer systems are caused by flaws in the design of the computer systems, bugs and vulnerabilities. Vulnerabilities in software is inevitable, hence there should be a mechanism in place to detect, locate and remove these vulnerabilities in computer systems before being deployed. Mostly used in the vulnerability prediction model (VPM) are the text-mining and software metrics, which results into low accuracy and few recall. This paper investigates the impact of the non-used metrics and the mostly used metrics in predicting the availability of bugs in software code. The deep learning algorithm used in the design of the VPM includes convolutional neural network (CNN), multilayer perceptron (MLP), long term short memory (LSTM) and combine the MLP and CNN. The experimental results show that, known software metrics (TSM) and uninvestigated software metrics or new software metrics (NIM) are not ideal for vulnerability prediction since they all shows poor performance.