TY - JOUR
AU - Aladics, Tamás
AU - Hegedűs, Péter
AU - Ferenc, Rudolf
TI - A Comparative Study of Commit Representations for JIT Vulnerability Prediction
JF - COMPUTERS
J2 - COMPUTERS
VL - 13
PY - 2024
IS - 1
SP - 22
SN - 2073-431X
DO - 10.3390/computers13010022
UR - https://m2.mtmt.hu/api/publication/34499921
ID - 34499921
AB - With the evolution of software systems, their size and complexity are rising rapidly. Identifying vulnerabilities as early as possible is crucial for ensuring high software quality and security. Just-in-time (JIT) vulnerability prediction, which aims to find vulnerabilities at the time of commit, has increasingly become a focus of attention. In our work, we present a comparative study to provide insights into the current state of JIT vulnerability prediction by examining three candidate models: CC2Vec, DeepJIT, and Code Change Tree. These unique approaches aptly represent the various techniques used in the field, allowing us to offer a thorough description of the current limitations and strengths of JIT vulnerability prediction. Our focus was on the predictive power of the models, their usability in terms of false positive (FP) rates, and the granularity of the source code analysis they are capable of handling. For training and evaluation, we used two recently published datasets containing vulnerability-inducing commits: ProjectKB and Defectors. Our results highlight the trade-offs between predictive accuracy and operational flexibility and also provide guidance on the use of ML-based automation for developers, especially considering false positive rates in commit-based vulnerability prediction. These findings can serve as crucial insights for future research and practical applications in software security.
LA - English
DB - MTMT
ER -

TY - CHAP
AU - Aladics, Tamás
AU - Hegedűs, Péter
AU - Ferenc, Rudolf
ED - Fill, Hans-Georg
ED - van Sinderen, Marten
ED - Maciaszek, Leszek A.
TI - An AST-Based Code Change Representation and Its Performance in Just-in-Time Vulnerability Prediction
T2 - Software Technologies
PB - Springer Nature Switzerland AG
CY - Cham
SN - 9783031372315
T3 - Communications in Computer and Information Science, ISSN 1865-0929 ; 1859.
PY - 2023
SP - 169
EP - 186
PG - 18
DO - 10.1007/978-3-031-37231-5_8
UR - https://m2.mtmt.hu/api/publication/34066580
ID - 34066580
LA - English
DB - MTMT
ER -

TY - CHAP
AU - Aladics, Tamás
AU - Hegedűs, Péter
AU - Ferenc, Rudolf
ED - Hans-Georg, Fill
ED - Marten, van Sinderen
ED - Leszek, Maciaszek
TI - A Vulnerability Introducing Commit Dataset for Java: An Improved SZZ based Approach
T2 - Proceedings of the 17th International Conference on Software Technologies
PB - SciTePress
CY - Setubal
SN - 9789897585883
T3 - ICSOFT - International Conference on Software Technologies, ISSN 2184-2833
PY - 2022
SP - 68
EP - 78
PG - 11
DO - 10.5220/0011275200003266
UR - https://m2.mtmt.hu/api/publication/33036709
ID - 33036709
LA - English
DB - MTMT
ER -

TY - JOUR
AU - Aladics, Tamás
AU - Jász, Judit
AU - Ferenc, Rudolf
TI - Bug Prediction Using Source Code Embedding Based on Doc2Vec
JF - LECTURE NOTES IN COMPUTER SCIENCE
J2 - LNCS
VL - 12955
PY - 2021
SP - 382
EP - 397
PG - 16
SN - 0302-9743
DO - 10.1007/978-3-030-87007-2_27
UR - https://m2.mtmt.hu/api/publication/32499099
ID - 32499099
N1 - The series has an SJR value in the year the publication appeared, so it is classified as a journal article.
LA - English
DB - MTMT
ER -

TY - CONF
AU - Aladics, Tamás
AU - Jász, Judit
AU - Ferenc, Rudolf
TI - Feature Extraction from JavaScript
T2 - The 12th Conference of PhD Students in Computer Science
PB - Szegedi Tudományegyetem (SZTE)
C1 - Szeged
PY - 2020
SP - 143
EP - 146
PG - 4
UR - https://m2.mtmt.hu/api/publication/31646219
ID - 31646219
LA - English
DB - MTMT
ER -

TY - JOUR
AU - Ferenc, Rudolf
AU - Viszkok, Tamás
AU - Aladics, Tamás
AU - Jász, Judit
AU - Hegedűs, Péter
TI - Deep-water framework: The Swiss army knife of humans working with machine learning models
JF - SOFTWAREX
J2 - SOFTWAREX
VL - 12
PY - 2020
PG - 7
SN - 2352-7110
DO - 10.1016/j.softx.2020.100551
UR - https://m2.mtmt.hu/api/publication/31646209
ID - 31646209
LA - English
DB - MTMT
ER -