scholarly journals Guided pattern mining for API misuse detection by change-based code analysis

2021 ◽  
Vol 28 (2) ◽  
Author(s):  
Sebastian Nielebock ◽  
Robert Heumüller ◽  
Kevin Michael Schott ◽  
Frank Ortmeier

AbstractLack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or software crashes. Therefore, current research aims to automatically detect such misuses by comparing the way a developer used an API to previously inferred patterns of the correct API usage. While research has made significant progress, these techniques have not yet been adopted in practice. In part, this is due to the lack of a process capable of seamlessly integrating with software development processes. Particularly, existing approaches do not consider how to collect relevant source code samples from which to infer patterns. In fact, an inadequate collection can cause API usage pattern miners to infer irrelevant patterns which leads to false alarms instead of finding true API misuses. In this paper, we target this problem (a) by providing a method that increases the likelihood of finding relevant and true-positive patterns concerning a given set of code changes and agnostic to a concrete static, intra-procedural mining technique and (b) by introducing a concept for just-in-time API misuse detection which analyzes changes at the time of commit. Particularly, we introduce different, lightweight code search and filtering strategies and evaluate them on two real-world API misuse datasets to determine their usefulness in finding relevant intra-procedural API usage patterns. Our main results are (1) commit-based search with subsequent filtering effectively decreases the amount of code to be analyzed, (2) in particular method-level filtering is superior to file-level filtering, (3) project-internal and project-external code search find solutions for different types of misuses and thus are complementary, (4) incorporating prior knowledge of the misused API into the search has a negligible effect.

2021 ◽  
Author(s):  
Shamsa Abid ◽  
Shafay Shamail ◽  
Hamid Abdul Basit ◽  
Sarah Nadi

Abstract To save time, developers often search for code examples that implement their desired software features. Existing code search techniques typically focus on finding code snippets for a single given query, which means that developers need to perform a separate search for each desired functionality. In this paper, we pro-pose FACER (Feature-driven API usage-based Code Examples Recommender), a technique that avoids repeated searches through opportunistic reuse. Specifically, given the selected code snippet that matches the initial search query, FACER finds and suggests related code snippets that represent features that the developer may want to implement next. FACER first constructs a code fact repository by parsing the source code of open-source Java projects to obtain methods’ textual information, call graphs, and Application Programming Interface (API) usages. It then detects unique features by clustering methods based on similar API us-ages, where each cluster represents a feature or functionality. Finally, it detects frequently co-occurring features across projects using frequent pattern mining and recommends related methods from the mined patterns. To evaluate FACER, we run it on 120 Java Android apps from GitHub. We first manually validate that the detected method clusters represent methods with similar functionality. We then perform an automated evaluation to determine the best parameters (e.g., similarity threshold) for FACER. We recruit 10 professional developers along with 39 experienced students to judge FACER’s recommendation of related methods. Our results show that, on average, FACER’s recommendations are 80% precise. We also survey a total of 20 professional Android and Java developers to understand their code search and reuse experiences, and also to obtain their feedback on the usability and usefulness of FACER. The survey results show that 95% of our surveyed professional developers find the idea of related method recommendations useful during code reuse.


Author(s):  
Liqiong Chen ◽  
Shilong Song ◽  
Can Wang

Just-in-time software defect prediction (JIT-SDP) is a fine-grained software defect prediction technology, which aims to identify the defective code changes in software systems. Effort-aware software defect prediction is a software defect prediction technology that takes into consideration the cost of code inspection, which can find more defective code changes in limited test resources. The traditional effort-aware defect prediction model mainly measures the effort based on the number of lines of code (LOC) and rarely considers additional factors. This paper proposes a novel effort measure method called Multi-Metric Joint Calculation (MMJC). When measuring the effort, MMJC takes into account not only LOC, but also the distribution of modified code across different files (Entropy), the number of developers that changed the files (NDEV) and the developer experience (EXP). In the simulation experiment, MMJC is combined with Linear Regression, Decision Tree, Random Forest, LightGBM, Support Vector Machine and Neural Network, respectively, to build the software defect prediction model. Several comparative experiments are conducted between the models based on MMJC and baseline models. The results show that indicators ACC and [Formula: see text] of the models based on MMJC are improved by 35.3% and 15.9% on average in the three verification scenarios, respectively, compared with the baseline models.


Author(s):  
Volkan Çalışkan ◽  
Özgürol Öztürk ◽  
Kerem Rızvanoğlu

Mobile technology is a new frontier for accessibility. Although mobile developers need solid guidelines to provide accessible experiences, there is a limited number of empirical research on mobile accessibility of different mobile platforms that work through various assistive technologies. In this context, more information is needed to understand both usage patterns and hardware/software platforms to guide decisions to meet the needs of people with disabilities who use mobile devices. This study, which is a pilot study of a long-term research, evaluates the accessibility of selected built-in and third party iOS applications in the iPhone and iPad through an extensive accessibility test with two blind users who are novice users of touchscreen mobile devices. This qualitative study is based on a multi-method approach, which consists of a background questionnaire, task observation, and a structured debriefing interview. The study also employs observation methods of data collection in order to gain better insight in mobile accessibility. The participants are demanded to execute three different tasks on each platform by using VoiceOver, which is the built-in screen reader in iOS. The participants are observed during the task executions and the “think aloud” procedure and video recording of the participants collected additional data. A short debriefing interview was also made to gain a detailed insight into the user experience. The findings reveal significant accessibility problems caused specifically by design of the graphical user interface features of the applications and limitations of the screen reader. Finally, as part of future research directions, preliminary guidelines are proposed to improve accessibility for iOS applications in both platforms.


Author(s):  
Hao Zhong ◽  
Tao Xie ◽  
Lu Zhang ◽  
Jian Pei ◽  
Hong Mei
Keyword(s):  

2016 ◽  
Vol 10 (5) ◽  
pp. 762-767 ◽  
Author(s):  
Thomas D. Kirsch ◽  
Ryan Circh ◽  
Richard A. Bissell ◽  
Matthew Goldfeder

AbstractObjectivePersonal preparedness is a core activity but has been found to be frequently inadequate. Smart phone applications have many uses for the public, including preparedness. In 2012 the American Red Cross began releasing “disaster” apps for family preparedness and recovery. The Hurricane App was widely used during Hurricane Sandy in 2012.MethodsPatterns of download of the application were analyzed by using a download tracking tool by the American Red Cross and Google Analytics. Specific variables included date, time, and location of individual downloads; number of page visits and views; and average time spent on pages.ResultsAs Hurricane Sandy approached in late October, daily downloads peaked at 152,258 on the day of landfall and by mid-November reached 697,585. Total page views began increasing on October 25 with over 4,000,000 page views during landfall compared to 3.7 million the first 3 weeks of October with a 43,980% increase in views of the “Right Before” page and a 76,275% increase in views of the “During” page.ConclusionsThe Hurricane App offered a new type of “just-in-time” training that reached tens of thousands of families in areas affected by Hurricane Sandy. The app allowed these families to access real-time information before and after the storm to help them prepare and recover. (Disaster Med Public Health Preparedness. 2016;page 1 of 6)


2019 ◽  
Vol 17 (2) ◽  
Author(s):  
Abdullah 'Azzam

<div><p><em>Information related to tourist attractions is needed by tourists. The information can be seen through brochures and internet that has been provided by the government, the manager of the object or by a third party. Information technology is very helpful in memeberikan information needed by tourists. Augmented Reality (AR) has many advantages that can make the information provided to users more effective and efficient. Among them is by using a markerless method that can extend the detection range of AR applications so that tourists can search information from all tourist objects just by doing the scanning process. Like just in time philosophy, AR applications can be used to get the information as needed. Both of the desired tourist attraction information and in terms of connectivity required. In this research has resulted AR application with markerless method that can detect tourist object like monument from several side. In addition AR applications are created to recognize different objects so there is no error in providing information. No internet connectivity is needed in the early detection process and can use internet connectivity when needed, such as when looking for hotel room availability information.</em></p></div>


Sign in / Sign up

Export Citation Format

Share Document