Code review is an important practice in software development, aimed at ensuring code quality and mitigating potential issues. Although effective, manual code reviews are time-consuming. In response, the research community has explored automating this process using deep learning. However, existing models, designed to address a broad spectrum of code review types, often fail to account for the unique aspects of reviews specifically related to vulnerabilities. One reason is the underrepresentation of such reviews in training datasets, which impacts the accuracy of these models. Consequently, there is limited knowledge on the specific characteristics of vulnerability-focused code reviews and the performance of current models in this specialized context.
To bridge this gap, this thesis proposes a comprehensive study of the attributes that define an effective vulnerability-focused code review. It also aims to evaluate the performance of state-of-the-art models in generating vulnerability code reviews. To improve the effectiveness of these models, the plan is to create a specialized dataset of vulnerability code reviews. The anticipated outcome is a deep understanding of the characteristics of vulnerability code reviews and a more accurate and reliable automated code review tool, specifically designed to address security vulnerabilities, thus substantially improving the robustness of software security practices.
Wed 25 Jun