API Misuse Detection Method Based on Transformer

Jingbo Yang, Jian Ren, Wenjun Wu
{"title":"API Misuse Detection Method Based on Transformer","authors":"Jingbo Yang, Jian Ren, Wenjun Wu","doi":"10.1109/QRS57517.2022.00100","DOIUrl":null,"url":null,"abstract":"Software developers need to take advantage of a variety of APIs (application programming interface) in their programs to implement specific functions. The problem of API misuses often arises when developers have incorrect understandings about the new APIs without carefully reading API documents. In order to avoid software defects caused by API misuse, researchers have explored multiple methods, including using AI(artificial intelligence) technology.As a kind of neural network in AI, Transformer has a good sequence processing ability, and the self attention mechanism used by Transformer can better catch the relation in a sequence or between different sequences. Besides it has a good model interpretability. From the perspective of combining API misuse detection with AI, this paper implements a standard Transformer model and a target-combination Transformer model to the learning of API usage information in a named API call sequence extracted from API usage program code. Then we present in the paper the way that our models use API usage information to detect if an API is misused in code. We use F1, precision and recall to evaluate the detection ability and show the advantages of our models in these three indexes. Besides, our models based on Transformer both have a better convergence. Finally, this paper explains why the models based on Transformer has a better performance by showing attention weight among different elements in code.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS57517.2022.00100","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Software developers need to take advantage of a variety of APIs (application programming interface) in their programs to implement specific functions. The problem of API misuses often arises when developers have incorrect understandings about the new APIs without carefully reading API documents. In order to avoid software defects caused by API misuse, researchers have explored multiple methods, including using AI(artificial intelligence) technology.As a kind of neural network in AI, Transformer has a good sequence processing ability, and the self attention mechanism used by Transformer can better catch the relation in a sequence or between different sequences. Besides it has a good model interpretability. From the perspective of combining API misuse detection with AI, this paper implements a standard Transformer model and a target-combination Transformer model to the learning of API usage information in a named API call sequence extracted from API usage program code. Then we present in the paper the way that our models use API usage information to detect if an API is misused in code. We use F1, precision and recall to evaluate the detection ability and show the advantages of our models in these three indexes. Besides, our models based on Transformer both have a better convergence. Finally, this paper explains why the models based on Transformer has a better performance by showing attention weight among different elements in code.
基于变压器的API误用检测方法
软件开发人员需要在他们的程序中利用各种api(应用程序编程接口)来实现特定的功能。当开发人员在没有仔细阅读API文档的情况下对新API有不正确的理解时,就会出现API误用的问题。为了避免API误用导致的软件缺陷,研究人员探索了多种方法,包括使用AI(人工智能)技术。Transformer作为人工智能中的一种神经网络,具有良好的序列处理能力,其所采用的自关注机制可以更好地捕捉序列中的关系或不同序列之间的关系。并且具有良好的模型可解释性。本文从API误用检测与人工智能相结合的角度出发,实现了标准Transformer模型和目标组合Transformer模型,从API使用程序代码中提取命名的API调用序列,学习API使用信息。然后,我们在论文中介绍了我们的模型使用API使用信息来检测API是否在代码中被滥用的方法。我们用F1、precision和recall来评价检测能力,展示了我们的模型在这三个指标上的优势。此外,基于Transformer的模型都具有较好的收敛性。最后,通过显示代码中不同元素之间的关注权重,解释了基于Transformer的模型为何具有更好的性能。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信