DDoS Attacks Detection Method Using Feature Importance and Support Vector Machine

In this study, the author wants to prove the combination of feature importance and support vector machine relevant to detecting distributed denial-of-service attacks. A distributed denial-of-service attack is a very dangerous type of attack because it causes enormous losses to the victim server. The study begins with determining network traffic features, followed by collecting datasets. The author uses 1000 randomly selected network traffic datasets for the purposes of feature selection and modeling. In the next stage, feature importance is used to select relevant features as modeling inputs based on support vector machine algorithms. The modeling results were evaluated using a confusion matrix table. Based on the evaluation using the confusion matrix, the score for the recall is 93 percent, precision is 95 percent, and accuracy is 92 percent. The author also compares the proposed method to several other methods. The comparison results show the performance of the proposed method is at a fairly good level in detecting distributed denial-of-service attacks. We realized this result was influenced by many factors, so further studies are needed in the future

Automatic Classification of Equivalent Mutants in Mutation Testing of Android Applications

Software and symmetric testing methodologies are primarily used in detecting software defects, but these testing methodologies need to be optimized to mitigate the wasting of resources. As mobile applications are becoming more prevalent in recent times, the need to have mobile applications that satisfy software quality through testing cannot be overemphasized. Testing suites and software quality assurance techniques have also become prevalent, which underscores the need to evaluate the efficacy of these tools in the testing of the applications. Mutation testing is one such technique, which is the process of injecting small changes into the software under test (SUT), thereby creating mutants. These mutants are then tested using mutation testing techniques alongside the SUT to determine the effectiveness of test suites through mutation scoring. Although mutation testing is effective, the cost of implementing it, due to the problem of equivalent mutants, is very high. Many research works gave varying solutions to this problem, but none used a standardized dataset. In this research work, we employed a standard mutant dataset tool called MutantBench to generate our data. Subsequently, an Abstract Syntax Tree (AST) was used in conjunction with a tree-based convolutional neural network (TBCNN) as our deep learning model to automate the classification of the equivalent mutants to reduce the cost of mutation testing in software testing of android applications. The result shows that the proposed model produces a good accuracy rate of 94%, as well as other performance metrics such as recall (96%), precision (89%), F1-score (92%), and Matthew’s correlation coefficients (88%) with fewer False Negatives and False Positives during testing, which is significant as it implies that there is a decrease in the risk of misclassification.publishedVersio

Towards automatic context-aware summarization of code entities

Software developers are working with different methods and classes and in order to understand those that perplex them and–or that are part of their tasks, they need to tackle with a huge amount of information. Therefore, providing developers with high-quality summaries of code entities can help them during their maintenance and evolution tasks. To provide useful information about the purpose of code entities, informal documentation (Stack Overflow) has been shown to be an important source of information that can be leveraged. In this study, we investigate bug reports as a type of informal documentation and we apply machine learning to produce summaries of code entities (methods and classes) in bug reports. In the proposed approach, code entities are extracted using a technique in a form of an island parser that we implemented to identify code in bug reports. Additionally, we applied machine learning to select a set of useful sentences that will be part of the code entities’ summaries. We have used logistic regression as our machine learning technique to rank sentences based on their importance. To this aim, a corpus of sentences is built based on the occurrence of code entities in the sentences belonging to bug reports containing the code entities in question. In the last step, summaries have been evaluated using surveys to estimate the quality of produced summaries. The results show that the automatically produced summaries can reduce time and effort to understand the usage of code entities. Specifically, the majority of participants found summaries extremely helpful to decrease the understanding time (43.5%) and the effort to understand the code entities (39.1%). In the future, summaries can be produced by using other informal documentation such as mailing lists or stack overflow, etc. Additionally, the approach can be applied in practical settings. Consequently, it can be used within an IDE such as Eclipse to assist developers during their software maintenance and evolution tasks

Exploiting Program Dependence Graph for Source Code Classification by Functionality

In many software engineering problems, such as code clone detection, fault prediction, and source code classification, software metrics based approaches are not suitable because they cannot capture precise semantic information of source code. Therefore reseachers have been using abstract syntax trees (ASTs) and program dependence graphs (PDGs) to solve such kind of problems. Previous studies show that a Tree-based convolutional neural network (TBCNN) outperforms other methods to solve source code classification problem. TBCNN uses ASTs to extract underlying meaning of source code. This paper aims to solve source code classification problem using PDGs in addition to ASTs. We present a novel neural network model which is implemented by extending TBCNN. Our model exploits ASTs and PDGs to obtain structural and semantic information of source code. We evaluate our model based on classifying source code by functionality. The dataset contains 104 programming problems and each problem includes 500 programs. Our model achieves over 95% accuracy which is higher than TBCNN’s one. We also survey importance of each dependence and our experiment suggests that the control dependence is the most valuable for extracting semantic features from source code

Hint generation in programming tutors

Programming is increasingly recognized as a useful and important skill. Online programming courses that have appeared in the past decade have proven extremely popular with a wide audience. Learning in such courses is however not as effective as working directly with a teacher, who can provide students with immediate relevant feedback. The field of intelligent tutoring systems seeks to provide such feedback automatically. Traditionally, tutors have depended on a domain model defined by the teacher in advance. Creating such a model is a difficult task that requires a lot of knowledgeengineering effort, especially in complex domains such as programming. A potential solution to this problem is to use data-driven methods. The idea is to build the domain model by observing how students have solved an exercise in the past. New students can then be given feedback that directs them along successful solution paths. Implementing this approach is particularly challenging for programming domains, since the only directly observable student actions are not easily interpretable. We present two novel approaches to creating a domain model for programming exercises in a data-driven fashion. The first approach models programming as a sequence of textual rewrites, and learns rewrite rules for transforming programs. With these rules new student-submitted programs can be automatically debugged. The second approach uses structural patterns in programs’ abstract syntax trees to learn rules for classifying submissions as correct or incorrect. These rules can be used to find erroneous parts of an incorrect program. Both models support automatic hint generation. We have implemented an online application for learning programming and used it to evaluate both approaches. Results indicate that hints generated using either approach have a positive effect on student performance