{"title":"A fault injection platform for learning AIOps models","authors":"F. Bagehorn, Jesus Rios, Saurabh Jha, Robert Filepp, L. Shwartz, Naoki Abe, Xi Yang","doi":"10.1145/3551349.3559503","DOIUrl":"https://doi.org/10.1145/3551349.3559503","url":null,"abstract":"In today’s IT environment with a growing number of costly outages, increasing complexity of the systems, and availability of massive operational data, there is a strengthening demand to effectively leverage Artificial Intelligence and Machine Learning (AI/ML) towards enhanced resiliency. In this paper, we present an automatic fault injection platform to enable and optimize the generation of data needed for building AI/ML models to support modern IT operations. The merits of our platform include the ease of use, the possibility to orchestrate complex fault scenarios and to optimize the data generation for the modeling task at hand. Specifically, we designed a fault injection service that (i) combines fault injection with data collection in a unified framework, (ii) supports hybrid and multi-cloud environments, and (iii) does not require programming skills for its use. Our current implementation covers the most common fault types both at the application and infrastructure levels. The platform also includes some AI capabilities. In particular, we demonstrate the interventional causal learning capability currently available in our platform. We show how our system is able to learn a model of error propagation in a micro-service application in a cloud environment (when the communication graph among micro-services is unknown and only logs are available) for use in subsequent applications such as fault localization.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"41 8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122037721","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Study of User Privacy in Android Mobile AR Apps","authors":"Xiaoyi Yang, Xueling Zhang","doi":"10.1145/3551349.3560512","DOIUrl":"https://doi.org/10.1145/3551349.3560512","url":null,"abstract":"With the development of augmented reality (AR) technology, the use of mobile AR applications (MAR apps) is rising rapidly in various aspects of people’s everyday lives, such as games, shopping, and education. When compared to traditional apps, AR apps typically need access to the smartphone’s camera all the time and collect and analyze significantly more data, such as sensor data, geolocation, and biometric information. Due to the sensitivity and volume of data collected by MAR apps, new privacy concerns are raised. In this paper, we describe a preliminary empirical study of Android MAR apps in terms of the sensitive data collected by MAR apps, whether the collected data is well protected, and whether the data practice is publicly available so that users can learn about the data safety and make informed decisions when deciding which apps to install. In this study, we analyzed 390 real-world MAR apps and reported the dangerous permissions they requested, the data leaks detected in them, and the availability of their data safety.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114964989","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DeepPerform: An Efficient Approach for Performance Testing of Resource-Constrained Neural Networks","authors":"Simin Chen, Mirazul Haque, Cong Liu, Wei Yang","doi":"10.1145/3551349.3561158","DOIUrl":"https://doi.org/10.1145/3551349.3561158","url":null,"abstract":"Today, an increasing number of Adaptive Deep Neural Networks (AdNNs) are being used on resource-constrained embedded devices. We observe that, similar to traditional software, redundant computation exists in AdNNs, resulting in considerable performance degradation. The performance degradation is dependent on the input and is referred to as input-dependent performance bottlenecks (IDPBs). To ensure an AdNN satisfies the performance requirements of resource-constrained applications, it is essential to conduct performance testing to detect IDPBs in the AdNN. Existing neural network testing methods are primarily concerned with correctness testing, which does not involve performance testing. To fill this gap, we propose DeepPerform, a scalable approach to generate test samples to detect the IDPBs in AdNNs. We first demonstrate how the problem of generating performance test samples detecting IDPBs can be formulated as an optimization problem. Following that, we demonstrate how DeepPerform efficiently handles the optimization problem by learning and estimating the distribution of AdNNs’ computational consumption. We evaluate DeepPerform on three widely used datasets against five popular AdNN models. The results show that DeepPerform generates test samples that cause more severe performance degradation (FLOPs: increase up to 552%). Furthermore, DeepPerform is substantially more efficient than the baseline methods in generating test inputs (runtime overhead: only 6–10 milliseconds).","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"121 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122652387","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Coverage-based Greybox Fuzzing with Pointer Monitoring for C Programs","authors":"Haibo Chen, Jinfu Chen","doi":"10.1145/3551349.3559566","DOIUrl":"https://doi.org/10.1145/3551349.3559566","url":null,"abstract":"C has been regarded as a dominant programming language for system software implementation. Meanwhile, it often suffers from various memory vulnerabilities due to its low-level memory control. Quite massive approaches are proposed to enhance memory security, among which Coverage-based Greybox Fuzzing (CGF) is very popular because of its practicality and satisfactory effectiveness. However, CGF identifies vulnerabilities based on the catched crashes, thus cannot detect vulnerabilities with non-crash. In this paper, we consider to trace pointer metadata (status, bounds and referents) to detect more various vulnerabilities. Additionally, since pointers in C are often directly related to memory operations, we design two standards to further use pointer metadata as the guidance of CGF, making fuzzing process target to the vulnerable part of programs.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123945505","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ASTOR: An Approach to Identify Security Code Reviews","authors":"Rajshakhar Paul","doi":"10.1145/3551349.3559509","DOIUrl":"https://doi.org/10.1145/3551349.3559509","url":null,"abstract":"During code reviews, software developers often raise security concerns if they find any. Ignoring such concerns can bring a severe impact on the performance of a software product. This risk can be reduced if we can automatically identify such code reviews that trigger security concerns so that we can perform additional scrutiny from the security experts. Therefore, the objective of this study is to develop an automated tool to identify code reviews that trigger security concerns. With this goal, I developed an approach named ASTOR, where I combine two separate deep learning-based classifiers– (i) using code review comments and (ii) using the corresponding code context, and make an ensemble using Logistic Regression. Based on stratified ten-fold cross-validation, the best ensemble model achieves the F1-score of 79.8% with an accuracy of 88.4% to automatically identify code reviews that raise security concerns.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129707562","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"RESTCluster: Automated Crash Clustering for RESTful API","authors":"Yi Liu","doi":"10.1145/3551349.3559511","DOIUrl":"https://doi.org/10.1145/3551349.3559511","url":null,"abstract":"RESTful API has been adopted by many other notable companies to provide cloud services. Quality assurance of RESTful API is essential. Several automated RESTful API testing techniques have been proposed to overcome this problem. However, automated tools often generate a large number of failed test cases. Since validating each test case is a lot of work for developers, automatic failure clustering is a promising solution to help debug cloud services. In this paper, we propose RESTCluster, a two-phase crash clustering approach. The preliminary evaluation result indicates that RESTCluster can achieve 100% precision in different sizes of subjects with a high recall.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129416407","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Global Decision Making Over Deep Variability in Feedback-Driven Software Development","authors":"J. Kienzle, B. Combemale, G. Mussbacher, Omar Alam, F. Bordeleau, Lola Burgueño, G. Engels, Jessie Galasso, J. Jézéquel, Bettina Kemme, Sébastien Mosser, H. Sahraoui, Maximilian Schiedermeier, Eugene Syriani","doi":"10.1145/3551349.3559551","DOIUrl":"https://doi.org/10.1145/3551349.3559551","url":null,"abstract":"To succeed with the development of modern software, organizations must have the agility to adapt faster to constantly evolving environments to deliver more reliable and optimized solutions that can be adapted to the needs and environments of their stakeholders including users, customers, business, development, and IT. However, stakeholders do not have sufficient automated support for global decision making, considering the increasing variability of the solution space, the frequent lack of explicit representation of its associated variability and decision points, and the uncertainty of the impact of decisions on stakeholders and the solution space. This leads to an ad-hoc decision making process that is slow, error-prone, and often favors local knowledge over global, organization-wide objectives. The Multi-Plane Models and Data (MP-MODA) framework explicitly represents and manages variability, impacts, and decision points. It enables automation and tool support in aid of a multi-criteria decision making process involving different stakeholders within a feedback-driven software development process where feedback cycles aim to reduce uncertainty. We present the conceptual structure of the framework, discuss its potential benefits, and enumerate key challenges related to tool supported automation and analysis within MP-MODA.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128507143","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Automatically Fixing Breaking Changes of Data Science Libraries","authors":"Hailie Mitchell","doi":"10.1145/3551349.3559507","DOIUrl":"https://doi.org/10.1145/3551349.3559507","url":null,"abstract":"Data science libraries are updated frequently, and new version releases commonly include breaking changes. These are updates that cause existing code to not compile or run. Developers often use older versions of libraries because it is challenging to update the source code of large projects. We propose CombyInferPy, a new tool to automatically analyze and fix breaking changes in library APIs. CombyInferPy infers rules from the history of library source code in the form of Comby templates, a structural code search and replace tool that can automatically transform code. Preliminary results indicate CombyInferPy can update the pandas library Python code. Using the Comby rules inferred by CombyInferPy, we can automatically fix several failing tests and warnings. This shows this approach is promising to help developers update libraries.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"123 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130861134","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Privacy Analysis of Period Tracking Mobile Apps in the Post-Roe v. Wade Era","authors":"Zikan Dong, Liu Wang, Hao Xie, Guoai Xu, Haoyu Wang","doi":"10.1145/3551349.3561343","DOIUrl":"https://doi.org/10.1145/3551349.3561343","url":null,"abstract":"To help people manage their health, period tracking apps have become very popular in recent years. However, the U.S. Supreme Court overturned Roe v. Wade on June 24, 2022. Abortion will be banned in more and more states. Since the health data stored in the period tracking apps can be used to infer whether the user has had or is considering an abortion, mobile users are worrying that these apps may disclose their sensitive information, which can be used to prosecute users. Although period tracking apps have received attention from the research community, no existing work has performed a systematic privacy analysis of these apps, especially in the Post-Roe v. Wade era. To fill the void, this paper presents a comprehensive privacy analysis of popular period tracking apps. We first collect 35 popular period tracking apps from Google Play. Then, we analyze the sensitive user data collected by the period tracking apps using traffic analysis and static analysis. Further we inspect their privacy policies and check the consistency of the privacy policy with the app’s behavior. In addition, we analyze the app reviews to understand the users’ concerns about the period tracking apps. Our study reveals that some period tracking apps have indeed collected sensitive information and have the potential to share the data with third-party authorities. It is urgent for these apps to take action to protect user privacy, and mobile users should pay special attention to this kind of apps they used.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131312213","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Call Graph Evolution Analytics over a Version Series of an Evolving Software System","authors":"Animesh Chaturvedi","doi":"10.1145/3551349.3559573","DOIUrl":"https://doi.org/10.1145/3551349.3559573","url":null,"abstract":"Software evolution analytics can be supported by generating and comparing call graph evolution information over versions of a software system. Call Graph evolution analytics can assist a software engineer when maintaining or evolving a software system. This paper proposes Call Graph Evolution Analytics to extract information from a set of Evolving Call Graphs ECG = {CG1, CG2,...CGN} representing a Version Series VS = {V1, V2,...VN} of an evolving software system. This is done using Call Graph Evolution Rules (CGERs) and Call Graph Evolution Subgraphs (CGESs). Similar to association rule mining, the CGERs are used to capture co-occurrences of dependencies in the system. Like subgraph patterns in a call graph, the CGESs are used to capture evolution of dependency patterns in evolving call graphs. Call graph analytics on the evolution in these patterns can identify potentially affected dependencies (or procedure calls) that need attention. The experiments are done on the evolving call graphs of 10 large evolving systems to support dependency evolution management. This is demonstrated with detailed results for evolving call graphs of Maven-Core’s version series.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"1989 9","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120849134","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}