When: Thursday, 2014-Dec-04, 11h30-12h00
Where: FCUL-DI, room C6.3.05
Presenter: Ibéria Medeiros
Abstract: In this smalltalk, I will present a new static analysis method to detect web application vulnerabilities, as well as the DEKANT mechanism that implements that method. Inspired by natural language processing (NLP), I use a sequence model, a Hidden Markov Model, to learn to characterize vulnerabilities based on a set of source code slices with their elements annotated as vulnerable or not. This knowledge takes into consideration the order in which the code elements appear in the slices, relating them. My goal is to collect opinions about the method and cases not covered by it to improve this work.