54 research outputs found

    Structured Review of Code Clone Literature

    This report presents the results of a structured review of code clone literature. The aim of the review is to assemble a conceptual model of clone-related concepts which helps us to reason about clones. This conceptual model unifies clone concepts from a wide range of literature, so that findings about clones can be compared with each other.

    On the Use of Process Trails to Understand Software Development


    A review of software change impact analysis

    Change impact analysis is required for constantly evolving systems to support the comprehension, implementation, and evaluation of changes. A lot of research effort has been spent on this subject over the last twenty years, and many approaches were published likewise. However, there has not been an extensive attempt made to summarize and review published approaches as a base for further research in the area. Therefore, we present the results of a comprehensive investigation of software change impact analysis, which is based on a literature review and a taxonomy for impact analysis. The contribution of this review is threefold. First, approaches proposed for impact analysis are explained regarding their motivation and methodology. They are further classified according to the criteria of the taxonomy to enable the comparison and evaluation of approaches proposed in literature. We perform an evaluation of our taxonomy regarding the coverage of its classification criteria in studied literature, which is the second contribution. Last, we address and discuss yet unsolved problems, research areas, and challenges of impact analysis, which were discovered by our review to illustrate possible directions for further research.

    An enhanced performance model for metamorphic computer virus classification and detection

    Metamorphic computer virus employs various code mutation techniques to change its code to become new generations. These generations have similar behavior and functionality and yet, they could not be detected by most commercial antivirus because their solutions depend on a signature database and make use of string signature-based detection methods. However, the antivirus detection engine can be avoided by metamorphism techniques. The purpose of this study is to develop a performance model based on computer virus classification and detection. The model would also be able to examine portable executable files that would classify and detect metamorphic computer viruses. A Hidden Markov Model implemented on portable executable files was employed to classify and detect the metamorphic viruses. This proposed model that produces common virus statistical patterns was evaluated by comparing the results with previous related works and famous commercial antiviruses. This was done by investigating the metamorphic computer viruses and their features, and the existing classifications and detection methods. Specifically, this model was applied on binary format of portable executable files and it was able to classify if the files belonged to a virus family. Besides that, the performance of the model, practically implemented and tested, was also evaluated based on detection rate and overall accuracy. The findings indicated that the proposed model is able to classify and detect the metamorphic virus variants in portable executable file format with a high average of 99.7% detection rate. The implementation of the model is proven useful and applicable for antivirus programs.

    Leveraging Software Clones for Software Comprehension: Techniques and Practice

    SUMMARY: The body of this thesis centres on two aspects of software clone detection: detection and application. In detection, the main contribution of this thesis is a new clone detector built with the mtreelib library, itself developed expressly for this work. This library implements a general metric tree, a data structure specialized in partitioning metric spaces in order to speed up certain common queries, such as range queries or nearest-neighbour queries. This structure is used to build a clone detector that approximates the Levenshtein distance with high precision. A brief evaluation is presented to support this precision. Other relevant results on metrics and incremental clone detection are also presented. Several applications of the new clone detector are presented. First, an original algorithm for reconstructing information lost in version control systems is proposed and tested on several large systems. Then, a qualitative and quantitative evaluation of Firefox is made on the basis of a nearest-neighbour analysis; the resulting curves are used to highlight the difficulties of transitioning between a slow and a rapid development cycle. Next, two industrial experiences of using and deploying a clone detection technology are presented. These two experiences concern the C/C++, Java and TTCN-3 languages. The large difference in clone population between C/C++ and Java and TTCN-3 is presented. Finally, a result obtained by crossing a clone analysis with a security flow analysis highlights the usefulness of clones in identifying security flaws. The work ends with a conclusion and some future perspectives.

    ABSTRACT: This thesis explores two topics in clone analysis: detection and application. The main contribution in clone detection is a new clone detector based on a library called mtreelib. This library is a package developed for clone detection that implements the metric data structure. This structure is used to build a clone detector that approximates the Levenshtein distance with high accuracy. A small benchmark is produced to assess the accuracy. Other results from these regarding metrics and incremental clone detection are also presented. Many applications of the clone detector are introduced. An original algorithm to reconstruct missing information in the structure of software repositories is described and tested with data sourced from large existing software. An insight into Firefox is exposed showing the quantity of change between versions and the link between different release cycle types and the number of bugs. Also, an analysis crossing the results from pattern traversal, flow analysis and clone detection is presented. Two industrial experiments using a different clone detector, CLAN, are also presented with some developers’ perspectives. One of the experiments is done on a language never explored in clone detection, TTCN-3, and the results show that the clone population in that language differs greatly from other well-known languages, like C/C++ and Java. The thesis concludes with a summary of the findings and some perspectives for future research.

    System Engineering and Evolution Decision Support Interim Progress Report (01/01/2000-09/30/2000)

    The objective of our effort is to develop a scientific basis for system engineering automation and decision support. This objective addresses the long term goals of increasing the quality of service provided complex systems while reducing development risks, costs, and time. Our work focused on decision support for designing operations of complex modular systems that can include embedded software. Emphasis areas included engineering automation capabilities in the areas of design modifications, design records, reuse, and automatic generation of design representations such as real-time schedules and software.

    Proceedings of Monterey Workshop 2001 Engineering Automation for Software Intensive System Integration

    The 2001 Monterey Workshop on Engineering Automation for Software Intensive System Integration was sponsored by the Office of Naval Research, Air Force Office of Scientific Research, Army Research Office and the Defense Advance Research Projects Agency. It is our pleasure to thank the workshop advisory and sponsors for their vision of a principled engineering solution for software and for their many-year tireless effort in supporting a series of workshops to bring everyone together. This workshop is the 8th in a series of International workshops. The workshop was held in Monterey Beach Hotel, Monterey, California during June 18-22, 2001. The general theme of the workshop has been to present and discuss research works that aim at increasing the practical impact of formal methods for software and systems engineering. The particular focus of this workshop was "Engineering Automation for Software Intensive System Integration". Previous workshops have been focused on issues including, "Real-time & Concurrent Systems", "Software Merging and Slicing", "Software Evolution", "Software Architecture", "Requirements Targeting Software" and "Modeling Software System Structures in a fastly moving scenario". Office of Naval Research; Air Force Office of Scientific Research; Army Research Office; Defense Advanced Research Projects Agency. Approved for public release, distribution unlimited.

    System engineering and evolution decision support, Final Progress Report (05/01/1998 - 09-30-2001)

    The objective of our effort is to develop a scientific basis for system engineering automation and decision support. This objective addresses the long term goals of increasing the quality of service provided complex systems while reducing development risks, costs, and time. Our work focused on decision support for designing operations of complex modular systems that can include embedded software. Emphasis areas included engineering automation capabilities in the areas of design modifications, design records, reuse, and automatic generation of design representations such as real-time schedules and software. U.S. Army Research Office. Funding number(s): DSAM 90387, DWAM 80013, DWAM 90215.

    Détection, protection, évolution et test de défaillances à l'aide d'un modèle inter-procédural simple (Detection, protection, evolution and testing of failures using a simple inter-procedural model)

    Summary: It is useful to have tools to help carry out maintenance operations on software. Several types of tools are available for this purpose; in this study we concentrate on four types of tools, namely detection, evolution, correction and testing tools. This thesis studies these four types of tools with respect to the maintenance to be carried out in relation to SQL-injection failures in a Web application written in PHP. The approaches we propose use static analysis, dynamic analysis, source code reengineering and a genetic algorithm to carry out these maintenance tasks. An inter-procedural model of the PHP source code is built and used to detect and track the evolution of the identified vulnerabilities. A model of legitimate SQL queries is built through static and dynamic analysis in order to automatically protect Web applications written in PHP. An approach for automatic test generation based on a genetic algorithm is also presented. These approaches were validated by applying them to several versions of an application known to contain SQL-injection vulnerabilities, namely phpBB, an application that manages an electronic bulletin board and uses the MySql database to store information persistently. An experiment was carried out with version 2.0.0 of phpBB and made it possible to automatically detect vulnerabilities using an inter-procedural static flow analysis. These results were reproduced using model checking, which confirms and reinforces the approach. Also, 31 versions of phpBB were used to track the evolution of the identified vulnerabilities. A genetic algorithm is used to generate test cases that target a particular case in the application. This experiment was carried out on the query optimizer of the DB2 database. The results show that the genetic algorithm generates test cases faster than a random generator.

    Abstract: Automated tools can be helpful for doing maintenance tasks on computer software. Many kinds of tools are available for doing so; in this study we concentrate on four kinds of tools that are: detection tools, evolution tools, corrective tools and testing tools. In this thesis we study those four kinds of tools in the perspective of doing maintenance related to SQL-injection vulnerabilities in applications written in PHP. We propose to use static analysis, dynamic analysis, source code reengineering and a genetic algorithm for doing these tasks. An interprocedural model of the PHP source code is built for detecting SQL-injection vulnerabilities. A model of legitimate SQL queries is built by using static analysis and dynamic analysis; this model is used in an automated source code reengineering that implements an automated protection against SQL-injection vulnerabilities. An approach to automatically generate targeted testing cases by using a genetic algorithm is also presented. A case study using these approaches has been done. We have used phpBB that is a software known for the abundance of SQL-injection vulnerabilities. An experimentation using the approach of inter-procedural static analysis has detected vulnerabilities in phpBB v2.0.0. These results have been reproduced using model checking instead of static analysis in the objective of gaining more confidence in both static analysis and model checking approaches. Also, 31 versions of phpBB have been used for studying the evolution of SQL-injection vulnerabilities. Finally, a genetic algorithm is used to automatically generate targeted testing cases. This last experimentation has been done on the DB2 database SQL query optimizer; results show that the genetic algorithm is faster than a random generator to generate targeted testing cases.