Detecting security related code by using software architecture

Abstract

This thesis looks into automatic detection of security related code in order to eliminate this problem. Since manual code detection is tiresome and introduces human error we need a more efficient way of doing it. We explore code detection by using software architecture and code metrics to extract information about the code and then using this information with machine learning algorithms. By extracting code metrics and combining them with Wirfs-Brocks class roles we show that it is possible to detect security related code. We conclude that in order to achieve much better detection accuracy we need to use different kind of methods. This could be software architecture pattern detection to extract additional information.