Software Vulnerability Prediction Models Based On Complex Network

Recently, the software has been developed increasingly. It is more and more difficult to find software vulnerabilities. Therefore, this paper proposes a software vulnerability prediction model based on the complex network. This model regards the software defect evaluation as three classifications or regression sub-problems, including the defects in each class, software defect severity evaluation and software defect priority evaluation. This model uses machine learning method to train complex network feature, object-oriented feature and structure feature. The model can evaluate software defects on the hierarchy of class and assess software vulnerability effectively. An experiment on Hibernate is carried out, which selects random forest model as each sub-model. The experiment shows that the model is valid and accurate to evaluate vulnerability.