TY - GEN
T1 - The Significant Effect of Parameter Tuning on Software Vulnerability Prediction Models
AU - Kudjo, Patrick Kwaku
AU - Aformaley, Selasie Brown
AU - Mensah, Solomon
AU - Chen, Jinfu
N1 - Publisher Copyright: © 2019 IEEE.
PY - 2019/7
Y1 - 2019/7
AB - Vulnerability prediction is one of the critical issues for researchers in the software industry. Technically, a vulnerability predictor is a machine learning model trained to identify vulnerable and non-vulnerable modules. Recent studies have shown that the performance of these models can be affected when the default parameter settings are used. Unfortunately, most studies in the literature present their results using the default parameter settings. This study investigates the extent to which parameter optimization affects the performance of vulnerability prediction models. To evaluate our procedure, we conducted an empirical study on three open-source vulnerability datasets, namely Drupal, Moodle and PHPMyAdmin, using five machine learning algorithms. Surprisingly, we found that in all cases of the 3 datasets studied, our models provided a significant increase in precision and accuracy against the benchmark study. In conclusion, software engineers can use the results obtained from this study when building data miners for identifying vulnerable modules.
KW - Software vulnerability
KW - machine learning algorithms
KW - parameter optimization
UR - http://www.scopus.com/inward/record.url?scp=85073873565&partnerID=8YFLogxK
U2 - 10.1109/QRS-C.2019.00107
DO - 10.1109/QRS-C.2019.00107
M3 - Conference contribution
AN - SCOPUS:85073873565
T3 - Proceedings - Companion of the 19th IEEE International Conference on Software Quality, Reliability and Security, QRS-C 2019
SP - 526
EP - 527
BT - Proceedings - Companion of the 19th IEEE International Conference on Software Quality, Reliability and Security, QRS-C 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 19th IEEE International Conference on Software Quality, Reliability and Security Companion, QRS-C 2019
Y2 - 22 July 2019 through 26 July 2019
ER -