56,314 research outputs found
Who you gonna call? Analyzing Web Requests in Android Applications
Relying on ubiquitous Internet connectivity, applications on mobile devices
frequently perform web requests during their execution. They fetch data for
users to interact with, invoke remote functionalities, or send user-generated
content or meta-data. These requests collectively reveal common practices of
mobile application development, like what external services are used and how,
and they point to possible negative effects like security and privacy
violations, or impacts on battery life. In this paper, we assess different ways
to analyze what web requests Android applications make. We start by presenting
dynamic data collected from running 20 randomly selected Android applications
and observing their network activity. Next, we present a static analysis tool,
Stringoid, that analyzes string concatenations in Android applications to
estimate constructed URL strings. Using Stringoid, we extract URLs from 30, 000
Android applications, and compare the performance with a simpler constant
extraction analysis. Finally, we present a discussion of the advantages and
limitations of dynamic and static analyses when extracting URLs, as we compare
the data extracted by Stringoid from the same 20 applications with the
dynamically collected data
SZZ Unleashed: An Open Implementation of the SZZ Algorithm -- Featuring Example Usage in a Study of Just-in-Time Bug Prediction for the Jenkins Project
Numerous empirical software engineering studies rely on detailed information
about bugs. While issue trackers often contain information about when bugs were
fixed, details about when they were introduced to the system are often absent.
As a remedy, researchers often rely on the SZZ algorithm as a heuristic
approach to identify bug-introducing software changes. Unfortunately, as
reported in a recent systematic literature review, few researchers have made
their SZZ implementations publicly available. Consequently, there is a risk
that research effort is wasted as new projects based on SZZ output need to
initially reimplement the approach. Furthermore, there is a risk that newly
developed (closed source) SZZ implementations have not been properly tested,
thus conducting research based on their output might introduce threats to
validity. We present SZZ Unleashed, an open implementation of the SZZ algorithm
for git repositories. This paper describes our implementation along with a
usage example for the Jenkins project, and conclude with an illustrative study
on just-in-time bug prediction. We hope to continue evolving SZZ Unleashed on
GitHub, and warmly invite the community to contribute
Classification of changes in API evolution
Applications typically communicate with each other, accessing and exposing data and features by using Application Programming Interfaces (APIs). Even though API consumers expect APIs to be steady and well established, APIs are prone to continuous changes, experiencing different evolutive phases through their lifecycle. These changes are of different types, caused by different needs and are affecting consumers in different ways. In this paper, we identify and classify the changes that often happen to APIs, and investigate how all these changes are reflected in the documentation, release notes, issue tracker and API usage logs. The analysis of each step of a change, from its implementation to the impact that it has on API consumers, will help us to have a bigger picture of API evolution. Thus, we review the current state of the art in API evolution and, as a result, we define a classification framework considering both the changes that may occur to APIs and the reasons behind them. In addition, we exemplify the framework using a software platform offering a Web API, called District Health Information System (DHIS2), used collaboratively by several departments of World Health Organization (WHO).Peer ReviewedPostprint (author's final draft
From Frequency to Meaning: Vector Space Models of Semantics
Computers understand very little of the meaning of human language. This
profoundly limits our ability to give instructions to computers, the ability of
computers to explain their actions to us, and the ability of computers to
analyse and process text. Vector space models (VSMs) of semantics are beginning
to address these limits. This paper surveys the use of VSMs for semantic
processing of text. We organize the literature on VSMs according to the
structure of the matrix in a VSM. There are currently three broad classes of
VSMs, based on term-document, word-context, and pair-pattern matrices, yielding
three classes of applications. We survey a broad range of applications in these
three categories and we take a detailed look at a specific open source project
in each category. Our goal in this survey is to show the breadth of
applications of VSMs for semantics, to provide a new perspective on VSMs for
those who are already familiar with the area, and to provide pointers into the
literature for those who are less familiar with the field
Analyzing repetitiveness in big code to support software maintenance and evolution
Software systems inevitably contain a large amount of repeated artifacts at different level of abstraction---from ideas, requirements, designs, algorithms to implementation. This dissertation focuses on analyzing software repetitiveness at implementation code level and leveraging the derived knowledge for easing tasks in software maintenance and evolution such as program comprehension, API use, change understanding, API adaptation and bug fixing. The guiding philosophy of this work is that, in a large corpus, code that conforms to specifications appears more frequently than code that does not, and similar code is changed similarly and similar code could have similar bugs that can be fixed similarly.
We have developed different representations for software artifacts at source code level, and the corresponding algorithms for measuring code similarity and mining repeated code. Our mining techniques bases on the key insight that code that conforms to programming patterns and specifications appears more frequently than code that does not. Thus, correct patterns and specifications can be mined from large code corpus. We also have built program differencing techniques for analyzing changes in software evolution. Our key insight is that similar code is likely changed in similar ways and similar code likely has similar bug(s) which can be fixed similarly. Therefore, learning changes and fixes from the past can help automatically detect and suggest changes/fixes to the repeated code in software development.
Our empirical evaluation shows that our techniques can accurately and efficiently detect repeated code, mine useful programming patterns and API specifications, and recommend changes. It can also detect bugs and suggest fixes, and provide actionable insights to ease maintenance tasks. Specifically, our code clone detection tool detects more meaningful clones than other tools. Our mining tools recover high quality programming patterns and API preconditions. The mined results have been used to successfully detect many bugs violating patterns and specifications in mature open-source systems. The mined API preconditions are shown to help API specification writer identify missing preconditions in already-specified APIs and start building preconditions for the not-yet-specified ones. The tools are scalable which analyze large systems in reasonable times. Our study on repeated changes give useful insights for program auto-repair tools. Our automated change suggestion approach achieves top-1 accuracy of 45%-51% which relatively improves more than 200% over the base approach. For a special type of change suggestion, API adaptation, our tool is highly correct and useful
Opportunities in Software Engineering Research for Web API Consumption
Nowadays, invoking third party code increasingly involves calling web
services via their web APIs, as opposed to the more traditional scenario of
downloading a library and invoking the library's API. However, there are also
new challenges for developers calling these web APIs. In this paper, we
highlight a broad set of these challenges and argue for resulting opportunities
for software engineering research to support developers in consuming web APIs.
We outline two specific research threads in this context: (1) web API
specification curation, which enables us to know the signatures of web APIs,
and (2) static analysis that is capable of extracting URLs, HTTP methods etc.
of web API calls. Furthermore, we present new work on how we combine (1) and
(2) to provide IDE support for application developers consuming web APIs. As
web APIs are used broadly, research in supporting the consumption of web APIs
offers exciting opportunities.Comment: Erik Wittern and Annie Ying are both first author
- …