This page lists talks and publications relating to DFFML, organized by format.


Down the Dependency Rabbit Hole

John Andersen

As people with the word “security” in our titles, we come across a lot of questionable decisions. It’s our job to scrutinize the dubious and guide the less paranoid. Wide-eyed developers in a dependency wonderland can easily find themselves smoking opiumssl with a caterpillar from stackoverflow who assured them it’s twice as performant as openssl. Never mind the fact that it was written by @madhatter in 2012 and never touched since. In our infinite wisdom we set them back on the right track. But how wise are we really? Could a robot do just as good a job at guiding them through the looking glass?



Poster Presentations

Yash Lamba

Presentation of work done over Google Summer of Code 2019 working on adding new machine learning models to DFFML.


Theory, Operation, and Application of Neural Networks

John Andersen

This paper examines the history and current state of machine learning. It examines neural networks, the theory behind neural networks, how they are implemented, and how they are used. The systems and networks examined have up to three modes of learning. Theory behind machine learning is broken up into three approaches: rule-based, Bayesian, and neural networks. Operation of machine learning algorithms has been enabled by several prevalent libraries in the open source community, as well as various hardware technologies. Due to this surge in resources, application developers have been able to apply machine learning in novel ways. An application of machine learning to evaluate the security practices of open source software was undertaken as the culmination of this thesis.