Limitation of Naive Bayes Classifier in Pinpointing Vulnerabilities in JavaScript Files

While utilizing the Naive Bayes classifier to detect brute force attacks, validate inputs, identify insecure authentication, and analyze security headers, the model is unable to pinpoint the exact line of code in the test JavaScript file where the vulnerability exists. This is unlike cases such as detecting callback hell or unsafe regex, where specific vulnerable lines can be identified.

**Ouptut in case of detecting brute force attacks, validate inputs, identify insecure authentication, and analyze security headers:**

![image](https://github.com/user-attachments/assets/959a93c5-7a5e-4207-96d8-d82b18cfc1c4)

![image](https://github.com/user-attachments/assets/d16fe4e0-b591-47fd-b913-10acce47cb1b)

![image](https://github.com/user-attachments/assets/c5a04f0d-74f2-4d10-957b-3e5e6267a363)

**Desired Output (in case of detecting callback hell, unsafe regex):**

![image](https://github.com/user-attachments/assets/3b2d5583-c96f-4c01-8d04-0d7926446a2c)

![image](https://github.com/user-attachments/assets/7a82271b-b222-4f45-bd53-f4dbceada7df)


**Files to be referred/altered for this change:**

1. DetectBruteForceAttack.ts
2. DetectInputValidation.ts
3. InsecureAuthentication.ts
4. AnalyzeSecurityHeaders.ts

**Make sure the end user/developer (who downloads the NPM package) is able to smoothly run the NPM package after these changes.**

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Limitation of Naive Bayes Classifier in Pinpointing Vulnerabilities in JavaScript Files #9

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Limitation of Naive Bayes Classifier in Pinpointing Vulnerabilities in JavaScript Files #9

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions