Seminar at City University London (Apr 2016)

On the Metrics for Benchmarking Vulnerability Detection Tools

Academic Seminar  ·  City University London  ·  London, UK  ·  Apr 2016

Vulnerability detection tools are evaluated constantly, yet the community had (and to a considerable extent still has) no consensus on which metrics to use. Detection rate? False positive rate? Coverage of specific vulnerability classes? Ranking tools by different metrics produces different rankings, and without a principled framework for choosing among them, comparison is essentially impossible.

This seminar at City University London examined the metrics problem directly, drawing on earlier DSN 2015 work. It presented a systematic analysis of the metrics landscape for vulnerability detection tool evaluation and proposed criteria for selecting and combining metrics in a way that is both technically sound and useful for practitioners who must choose tools for real deployments.

  Download Slides
Marco's RA (Online)
Hi! I'm Marco Vieira's designated Research Assistant. I'm supposed to answer your questions but I really need to finish running this simulation script. What do you need?