SECURITY PATTERN DETECTION IN SOFTWARE CODE USING MACHINE LEARNING ALGORITHMS
Restricted (Penn State Only)
- Author:
- Cha, Joonyoung
- Graduate Program:
- Cybersecurity Analytics and Operations
- Degree:
- Master of Science
- Document Type:
- Master Thesis
- Date of Defense:
- March 17, 2022
- Committee Members:
- Jungwoo Ryoo, Thesis Advisor/Co-Advisor
David Joseph Fusco, Committee Member
Mary Beth Rosson, Program Head/Chair
Philip Laplante, Committee Member - Keywords:
- Security Pattern
Software Code
Machine Learning
Security Pattern Detection (SPD)
Convolutional Neural Network
Long Short-Term Memory
Security
vulnerability - Abstract:
- Security patterns, defined as reusable building blocks of secure software code architecture, provide solutions to recurring security flaws and problems in specific contexts. Implementing non-standard or incomplete security patterns may create vulnerabilities that cybercriminals can exploit to execute various attacks on a computer system. Security patterns must be accurately identified and used to enhance software code quality and security features. This study examines the possibility of using machine learning algorithms to detect security patterns in software code. The proposed framework for our research is the Security Pattern Detection (SPD) and its internal pattern matching technique, Non-uniform Distributed Matrix Matching (NDMM). The machine learning algorithms selected for our study are Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM). The primary data for the study were collected by interviewing experts who agreed to participate in the study. The purposive sampling method was used to select experts in machine learning algorithms and security pattern detection in software code. The experts' responses were analyzed and, in conjunction with findings from recent studies on CNN and LSTM, used to develop a comprehensive discussion of the prospect of using machine learning algorithms to detect security patterns in software code.