search menu icon-carat-right cmu-wordmark

Automating Static Analysis Alert Handling with Machine Learning: 2016-2018

September 2018 Presentation
Lori Flynn

This presentation was given by author Lori Flynn Presented to: Raytheon’s Systems And Software Assurance Technology Interest Group.

Publisher:

Software Engineering Institute

Abstract

The Software Engineering Institute’s CERT Division developed tools that prioritize alerts created by static analysis of code, which is helpful when static analysis creates a large number of alerts. The tools help sort alerts by automatically marking them as true or false positives to help auditors make more consistent decisions about alerts more quickly. This presentation provides an overview of the lexicon and rules that the tools use to determine whether an alert is flagged as true or false. The presentation also addresses the CERT Division’s plans to continue developing these tools by building machine learning classifiers that can predict true and false determinations for an even wider set of alerts.