MARFCAT: Transitioning to Binary and Larger Data Sets of SATE IV

Add code
May 10, 2013
Serguei A. Mokhov, Joey Paquet, Mourad Debbabi, Yankui Sun
Figure 1 for MARFCAT: Transitioning to Binary and Larger Data Sets of SATE IV
Figure 2 for MARFCAT: Transitioning to Binary and Larger Data Sets of SATE IV
Figure 3 for MARFCAT: Transitioning to Binary and Larger Data Sets of SATE IV
Figure 4 for MARFCAT: Transitioning to Binary and Larger Data Sets of SATE IV

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

We present a second iteration of a machine learning approach to static code analysis and fingerprinting for weaknesses related to security, software engineering, and others using the open-source MARF framework and the MARFCAT application based on it for the NIST's SATE IV static analysis tool exposition workshop's data sets that include additional test cases, including new large synthetic cases. To aid detection of weak or vulnerable code, including source or binary on different platforms the machine learning approach proved to be fast and accurate to for such tasks where other tools are either much slower or have much smaller recall of known vulnerabilities. We use signal and NLP processing techniques in our approach to accomplish the identification and classification tasks. MARFCAT's design from the beginning in 2010 made is independent of the language being analyzed, source code, bytecode, or binary. In this follow up work with explore some preliminary results in this area. We evaluated also additional algorithms that were used to process the data.

* A shorter version submitted for review to 13th IEEE International Working Conference on Source Code Analysis and Manipulation. 39 pages with figures, tables, TOC, and index  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon