Software developers are vital to any organization and often encounter suspicious and unusual behaviors when developing their software. A new and innovative approach is needed to detect and prevent these behaviors, and this is where this thesis proposal applies. This thesis proposes to use knowledge graphs to detect and identify suspect, wrong, or unusual behavior in software developers. Knowledge graphs provide a powerful way to represent, store, and analyze data. I plan to use this technology to develop an anomaly detection system that can identify anomalous behaviors in software developers. This thesis proposal explores the potential of knowledge graphs for anomaly detection of suspect, wrong or unusual behavior in software developers.

Preliminary Literature

The literature review will explore the use of knowledge graphs for anomaly detection and look at existing solutions that could detect anomalies in software developers. This section will also compare existing approaches to solving suspicious, wrong, or unusual behavior in software developers. By doing this, the researcher will better understand the current state of anomaly detection in software developers using a knowledge graph.

Forestiero (2021) documented that anomaly detection involves identifying patterns and behaviors considered unusual or out of the ordinary to identify potential system issues or detect malicious activities. According to Zheng et al. (2022), knowledge graphs have been increasingly used to detect these anomalies, providing a unique way to explore relationships between entities. By examining the relationships between entities, such as software developers, programming languages, and repositories, it is possible to identify patterns and behaviors that indicate an anomaly. In this literature review, we will explore the use of knowledge graphs for anomaly detection and look at existing solutions that could be used to detect anomalies in software developers. We will also discuss the challenges associated with using knowledge graphs for anomaly detection and suggest potential solutions to address these challenges. By doing this, it is possible to better understand the current state of anomaly detection in software developers using a knowledge graph.

The use of knowledge graphs in software development has been studied extensively in recent years, especially concerning anomaly detection. Farahani et al. (2019) noted that anomaly detection is a process that seeks to identify unusual behavior or patterns in data sets, which they agree with in Forestiero (2021). In software development, anomalies can refer to malicious or suspicious activities, such as code injection or backdoors, and more subtle behaviors, such as unexpected coding styles or refactoring activities (Farahani et al., 2019). Previous research has attempted to detect these anomalies by analyzing code repositories with various machine-learning algorithms, such as those found on GitHub (Wartschinski et al., 2022). However, this approach often yields inaccurate results due to the limited data available from these sources.

In order to improve accuracy, more recent research has sought to leverage knowledge graphs for anomaly detection in software development. A knowledge graph collects connected data points, usually structured as nodes and relationships, enabling efficient mapping of complex datasets (Liu et al., 2022). Researchers can use knowledge graphs to identify unusual or suspicious activities by analyzing the relationships between data points.

Deecke et al. 2021 proposed that one of the most prominent approaches in this area is “Semantic Anomaly Detection .”This method uses semantic similarity metrics to identify anomalies in software development projects by comparing source code and its associated meta-data. Xu et al. 2022 added that another approach is the “Cumulative Anomaly Detection” framework. This method uses knowledge graphs to analyze changes in software development activities over time. The framework can identify suspicious activities by monitoring for changes in the frequency and intensity of activities.

Sagar et al. (2021) presented a method for using knowledge graphs to detect anomalies in software development processes. They created a knowledge graph from commit logs and source code, which was then used to identify anomalies in a project’s development cycle. Moreover, Zoppi et al. (2023) proposed a system for detecting anomalies in software repositories using knowledge graphs. Their system used unsupervised and supervised machine learning models to analyze software metrics. It was able to accurately identify anomalies in software projects, as well as determine their cause.

Research has also been conducted into applying knowledge graphs to anomaly detection in software defect prediction. For example, Bai et al. (2