Subventions et des contributions :

Retour à la page de recherche

Titre :

Improving Static Code Analysis Using Machine Learning Methods

Numéro de l’entente :

EGP

Valeur d'entente :

25 000,00 $

Date d'entente :

8 nov. 2017 -

Organisation :

Conseil de recherches en sciences naturelles et en génie du Canada

Location :

Ontario, Autre, CA

Numéro de référence :

GC-2017-Q3-00627

Type d'entente :

subvention

Type de rapport :

Subventions et des contributions

Informations supplémentaires :

Subvention ou bourse octroyée s'appliquant à plus d'un exercice financier (2017-2018 à 2018-2019).

Nom légal du bénéficiaire :

Guo, Yuhong (Carleton University)

Programme :

Subventions d'engagement partenarial pour les universités

But du programme :

Verifying computer programs is expensive and difficult. The available empirical tests are oftenx000D
time-consuming and ad-hoc providing only a fragmented understanding of the program being analyzed. Staticx000D
code analysis, which performs computer program debugging by examining the source code without explicitlyx000D
executing the program, is an invaluable asset for evaluating programs. However, most existing static analysisx000D
tools have major drawback of producing unmanageable number of false positives, while requiring significantx000D
costly manual interventions. This research project addresses this problem by developing machine learningx000D
approaches that increase the agent's ability to detect false vulnerabilities and induce more reliable staticx000D
analyzers. The project will provide a tangible benefit to the development of Software Secured's flagshipx000D
product Omega and their clients who will save countless man-hours currently spent triaging false positives.x000D
It also will have a significant impact on improving the quality of complex softwares in general.