Author: Bc. Tomáš Beránek
Supervisor: prof. Ing. Tomáš Vojnar, Ph.D.
Consultants: Mgr. Marek Grác, Ph.D., Ing. Viktor Malík
- Learn about the Infer tool for static analysis and finding bugs in software.
- Explore the possibilities of using machine learning in the context of source code analysis.
- Get a dataset containing the bugs found by Infer, with information on whether they are real bugs or not.
- Design and implement a machine learning based approach (using the dataset obtained in Section 3) that will be able to automatically determine whether a bug found by Infer represents a real bug or not.
- Evaluate the quality of your solution on at least two different open-source projects.
- Summarize and discuss the results obtained and their possible extensions.
- Facebook Infer
- Cao, Sicong, et al. "Bgnn4vd: constructing bidirectional graph neural-network for vulnerability detection." Information and Software Technology 136 (2021): 106576.
- Y. Zheng et al., "D2A: A Dataset Built for AI-Based Vulnerability Detection Methods Using Differential Analysis," 2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP), 2021, pp. 111-120.
For the installation and user manual, please refer to xberan46-2024.pdf in Appendix B -- Installation and User Manual.