Abstract: False Positive Alerts (FPA), generated by Static Analyzers Tools (SAT), reduce the effectiveness of the automatic code review, letting them be underused in practice. Researchers conduct a lot of tests to improve SAT accuracy while keeping FPA at a lower rate. They use different simulated and production datasets to validate their proposed methods. This paper surveys recent approaches dealing with FPA filtering; it compares them and discusses their usefulness. It also studies the used datasets to validate the identified methods and show their effectiveness to cover most program defects. This study focuses mainly on the security bugs covered by the datasets and handled by the existing methods.

Aymen Akremi, “Software Security Static Analysis False Alerts Handling Approaches” International Journal of Advanced Computer Science and Applications(IJACSA), 12(11), 2021. http://dx.doi.org/10.14569/IJACSA.2021.0121180

@article{Akremi2021,
title = {Software Security Static Analysis False Alerts Handling Approaches},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2021.0121180},
url = {http://dx.doi.org/10.14569/IJACSA.2021.0121180},
year = {2021},
publisher = {The Science and Information Organization},
volume = {12},
number = {11},
author = {Aymen Akremi}
}