在识别有风险的代码时，偏离完美是比接近邪恶更好的标准

Proceedings of the 25th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2010-09-20 DOI:10.1145/1858996.1859015

M. Kessentini, S. Vaucher, H. Sahraoui

{"title":"在识别有风险的代码时，偏离完美是比接近邪恶更好的标准","authors":"M. Kessentini, S. Vaucher, H. Sahraoui","doi":"10.1145/1858996.1859015","DOIUrl":null,"url":null,"abstract":"We propose an approach for the automatic detection of potential design defects in code. The detection is based on the notion that the more code deviates from good practices, the more likely it is bad. Taking inspiration from artificial immune systems, we generated a set of detectors that characterize different ways that a code can diverge from good practices. We then used these detectors to measure how far code in assessed systems deviates from normality. We evaluated our approach by finding potential defects in two open-source systems (Xerces-J and Gantt). We used the library JHotDraw as the code base representing good design/programming practices. In both systems, we found that 90% of the riskiest classes were defects, a precision far superiour to state of the art rule-based approaches.","PeriodicalId":341489,"journal":{"name":"Proceedings of the 25th IEEE/ACM International Conference on Automated Software Engineering","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-09-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"74","resultStr":"{\"title\":\"Deviance from perfection is a better criterion than closeness to evil when identifying risky code\",\"authors\":\"M. Kessentini, S. Vaucher, H. Sahraoui\",\"doi\":\"10.1145/1858996.1859015\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We propose an approach for the automatic detection of potential design defects in code. The detection is based on the notion that the more code deviates from good practices, the more likely it is bad. Taking inspiration from artificial immune systems, we generated a set of detectors that characterize different ways that a code can diverge from good practices. We then used these detectors to measure how far code in assessed systems deviates from normality. We evaluated our approach by finding potential defects in two open-source systems (Xerces-J and Gantt). We used the library JHotDraw as the code base representing good design/programming practices. In both systems, we found that 90% of the riskiest classes were defects, a precision far superiour to state of the art rule-based approaches.\",\"PeriodicalId\":341489,\"journal\":{\"name\":\"Proceedings of the 25th IEEE/ACM International Conference on Automated Software Engineering\",\"volume\":\"42 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-09-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"74\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 25th IEEE/ACM International Conference on Automated Software Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1858996.1859015\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 25th IEEE/ACM International Conference on Automated Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1858996.1859015","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 74

摘要

我们提出了一种自动检测代码中潜在设计缺陷的方法。这种检测是基于这样的概念:代码偏离好的实践越多，它就越有可能是坏的。从人工免疫系统中获得灵感，我们生成了一组检测器，这些检测器描述了代码偏离良好实践的不同方式。然后，我们使用这些检测器来测量被评估系统中的代码偏离正常的程度。我们通过在两个开源系统(Xerces-J和Gantt)中发现潜在缺陷来评估我们的方法。我们使用JHotDraw库作为代表良好设计/编程实践的代码库。在这两个系统中，我们发现90%最危险的类都是缺陷，这种精确度远远优于基于规则的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Deviance from perfection is a better criterion than closeness to evil when identifying risky code

We propose an approach for the automatic detection of potential design defects in code. The detection is based on the notion that the more code deviates from good practices, the more likely it is bad. Taking inspiration from artificial immune systems, we generated a set of detectors that characterize different ways that a code can diverge from good practices. We then used these detectors to measure how far code in assessed systems deviates from normality. We evaluated our approach by finding potential defects in two open-source systems (Xerces-J and Gantt). We used the library JHotDraw as the code base representing good design/programming practices. In both systems, we found that 90% of the riskiest classes were defects, a precision far superiour to state of the art rule-based approaches.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 25th IEEE/ACM International Conference on Automated Software Engineering

自引率

0.00%

发文量