March 29, 2021
Paper has been accepted for the first ICCQ Conference that was held in Moscow (online) in March.
The paper, titled “Towards a Prototype Based Explainable JavaScript Vulnerability Prediction Model”, authored by Balázs Mosolygó, Norbert Vándor, Gábor Antal, Péter Hegedűs, and Rudolf Ferenc (Department of Software Engineering).
The article is concerned with using machine learning models for security risk mitigation. The research aimed to improve upon two areas that fall short when using ML: explainability and prediction granularity. Their novel approach was used to identify vulnerabilities in JavaScript source code, and was successful in flagging them in real world JavaScript projects. The method results in high enough granularity to make it easier for developers to take immediate action.