Software Engineering Institute | Carnegie Mellon University

Presentation

Automating Static Analysis Alert Handling with Machine Learning: 2016-2018

  • Abstract

    The Software Engineering Institute’s CERT Division developed tools that prioritize alerts created by static analysis of code, which is helpful when static analysis creates a large number of alerts. The tools help sort alerts by automatically marking them as true or false positives to help auditors make more consistent decisions about alerts more quickly. This presentation provides an overview of the lexicon and rules that the tools use to determine whether an alert is flagged as true or false. The presentation also addresses the CERT Division’s plans to continue developing these tools by building machine learning classifiers that can predict true and false determinations for an even wider set of alerts.
