How Microsoft is Using Machine Learning to Secure its Software Development Cycle


Blog#7: How Microsoft is Using Machine Learning to Secure its Software Development Cycle
Name: Aileen 蔣慧玲
Student ID: D0726917
Source: https://analyticsindiamag.com/how-microsoft-is-using-machine-learning-to-secure-its-software-development-cycle/

Recently, Microsoft is reported to be building a machine learning classification system to secure the software development lifecycle. The machine learning system will help in classifying bugs as security or non-security and critical or non-critical which will provide a level of accuracy, similar to the ones that are provided by security experts.
According to the article, Microsoft has collected 13 million work items and bugs since 2001 and has spent approximately $150,000 per issue as a whole to mitigate bugs and vulnerabilities. However, it is said that there are more than 45,000 developers that are working to find solutions for the problem.  Microsoft stated, “We used that data to develop a process and machine learning model that correctly distinguishes between security and non-security bugs 99% of the time, and accurately identifies the critical, high priority security bugs 97% of the time.”

Behind The Classification System

The developers apply five processes to build a machine learning model that can give a maximum accuracy;
  1. Data collection: identify all data types, sources, and evaluate its quality.
  2. Data curation and approval: review the data and confirm whether the labels are correct.
  3. Modelling and evaluation: when a data modelling technique is selected, the model is trained, and the performance is evaluated.
  4. Evaluation of model in production: monitor the average number of bugs and manually review a random sampling of bugs.
  5. Automated re-training: make sure that the bug modelling system keeps the right pace with the ever-evolving products at Microsoft.

How It Works

There are two steps of machine learning model operation to classify bugs accurately:
1.      Learn how to classify security and non-security bugs.
2.      Apply severity labels such as critical, important, and low-impact to the security bugs.

Wrapping Up

After applying the machine learning classification system, the developers can accurately classify which work items are security bugs 99% of the time and also 97% accuracy rate when it comes to labeling critical and non-critical security bugs. 


Comments

Post a Comment

Popular posts from this blog

How Big Data Can Boost Weather Forecasting

張岳庭 D0741017 Source:  https://www.wired.com/insights/2013/02/how-big-data-can-boost-weather-forecasting/ Considering the number of variables involved and the complex interactions between these variables, weather forecasting has always been extremely challenging. The significant increase in data collection and processing capabilities has greatly improved the ability of weather forecasters to pinpoint the time and severity of hurricanes, floods, snowstorms and other weather events. Globally, more and more evidence of climate change is prompting governments and scientists to take action to protect people and property from its effects. But to take effective measures, they need to know more about the weather-from everything that will happen tomorrow to what will happen next year. According to the professor of economics and finance , Alan Anderson, PhD , “Example of an application of big data to weather forecasting is IBM’s Deep Thunder. Unlike many weather forecasting systems...
Read more

How Big Data is Changing the Production Industry

Blog#4 : How Big Data is Changing the Production Industry Name : Aileen 蔣慧玲 Student ID : D0726917 Source :   https://www.productionhub.com/blog/post/how-big-data-is-changing-the-production-industry Information technology plays a major role in Hollywood. Producers have to use big data analytics to get the right consumers and communicate with them well. Big data technologies will help filmmakers figure out the best ways to share their ideas and deliver messages, develop movies and content that involve ethical and societal issues. Therefore, information that we can get from the help of big data can help filmmakers make key decisions. Big Data is Changing the Production Game Big data technology can help filmmakers to connect and engage with consumers more directly using social media, mobile devices and traditional advertising outlets. Using this technology, producers can develop promotions that reaches the right consumer at the right time. It is not enough just to mainta...
Read more

Big Data case study: 5 relevant examples from the airline industry

D0740712 Connie  吳霈晴 Website: https://blog.datumize.com/5-relevant-examples-of-a-big-data-case-study-from-the-airline-industry With the summer vacation coming, travel is the one that people love to do during vacation, especially long vacation, going abroad may be the first choice for many travelers. So this makes me think of what is the relationship between big data and airplanes? How will it apply on the airline industry? This article tells about the benefits of big data on airlines, which covers three main advantages. 1.      Smarter maintenance 2.      Safer flights 3.      Improve service The first one includes the fuel of airplane, by analyzing and predicting, the article takes some specific airplane company as an example, giving the real number and how much they save the cost. Second, safety. Like this kind of transportation has a higher risk to take, if have the big data’s help, th...
Read more