Print Email Facebook Twitter Predicting vulnerable files by using machine learning method Title Predicting vulnerable files by using machine learning method Author Shen, Xiwei (TU Delft Electrical Engineering, Mathematics and Computer Science) Contributor Verwer, Sicco (mentor) Hartel, Pieter (graduation committee) Finavaro Aniche, Mauricio (graduation committee) Sedghi, Saeed (graduation committee) Degree granting institution Delft University of Technology Programme Computer Science Date 2018-09-27 Abstract Web applications have been gaining increased popularity around the globe, in such a way that a growing number of users are attracted to make use of the functionality and information provided by these applications. While providing solutions to complicated problems in a fast and reliable way is one of the most advantages of using web applications, these platforms can cause adverse effect on user’s life if controlled in unauthorized way by malicious people. A platform with more vulnerabilities are more likely to be attacked. This research is focusing on building a prediction model for detecting vulnerabilities of web applications at eBay. Based on the analysis of important features, we dig deeper to find decisive factors of web application vulnerabilities. Making use of data on GitHub, we extract features related to source code files and developer networks, such as modification frequency, number of involved developers and duration between two commits. By applying machine learning techniques in the field of vulnerability prediction, we are able to provide reasonable suggestions for developers in the beginning phase. This can help develop relative defect-free and well-documented software. In this paper, we will explain the prediction model in detail from the aspects of code complexity, developers' behaviors and their networks. Moreover, according to results of various classifiers, we offer possible causes of vulnerabilities and reasonable suggestions for avoiding vulnerabilities in the future. To conclude, main contributions of this thesis are valuable feature engineering, the machine learning model and applicable suggestions for predicting vulnerabilities effectively at eBay. Subject Machine learningImbalanced learningNetwork Theory To reference this document use: http://resolver.tudelft.nl/uuid:899729ed-9b81-4973-a46a-18eca3131c8a Part of collection Student theses Document type master thesis Rights © 2018 Xiwei Shen Files PDF Graduation_Thesis.pdf 3.41 MB Close viewer /islandora/object/uuid:899729ed-9b81-4973-a46a-18eca3131c8a/datastream/OBJ/view