Aiding Software Maintenance with Copy-and-Paste Clone-Awareness

2019 ◽

Vol 9 (5) ◽

pp. 3804

Author(s):

Dong Kwan Kim

Keyword(s):

Software Maintenance ◽

Control Flow ◽

Clone Detection ◽

Code Clones ◽

Software Developers ◽

Test Dataset ◽

Code Clone ◽

Copy And Paste ◽

Flow Graphs ◽

Similarity Scores

Code clones are syntactically or semantically equivalent code fragments of source code. Copy-and-paste programming allows software developers to improve development productivity, but it could produce code clones that can introduce non-trivial difficulties in software maintenance. In this paper, a code clone detection framework is presented with a feature extractor and a clone classifier using deep learning. The clone classifier is trained with true and false clones and then is tested with a test dataset to evaluate the performance of the proposed approach to clone detection. In particular, the proposed approach to clone detection uses Control Flow Graphs (CFGs) to extract features of a given code snippet. The selected features are used to compute similarity scores for comparing two code fragments. The clone classifier is trained and tested with similarity scores that quantify the degree of how similar two code fragments are. The experimental results demonstrate that using CFG features is a viable methodology in terms of the effectiveness of clone detection for both syntactic and semantic clones.

Download Full-text

Effects of Class-Structured Goals and Copy-and-Paste Function on College Students' Writing Performance

PsycEXTRA Dataset ◽

10.1037/e652632012-001 ◽

2012 ◽

Author(s):

Ya-Shu Yang ◽

Douglas F. Kauffman

Keyword(s):

College Students ◽

Writing Performance ◽

Copy And Paste

Download Full-text

Expert mental model for software maintenance

10.2514/6.1991-3804 ◽

1991 ◽

Author(s):

MOHAMED FAYAD

Keyword(s):

Mental Model ◽

Software Maintenance

Download Full-text

ADST Software Maintenance Manual for the Protocol Translator of Advanced Distributed Simulation Technology/Crew Station Research and Development Facility

10.21236/ada282819 ◽

1993 ◽

Author(s):

Anna Au-Yeung ◽

Chuck Kuczaj ◽

Rick Bright ◽

Lynn Thomson ◽

Lynn Mitchell

Keyword(s):

Research And Development ◽

Software Maintenance ◽

Distributed Simulation ◽

Simulation Technology

Download Full-text

Application of Formal Specification to Software Maintenance.

10.21236/ada311137 ◽

1990 ◽

Cited By ~ 2

Author(s):

Neel Madhav ◽

Sriram Sankar

Keyword(s):

Formal Specification ◽

Software Maintenance

Download Full-text

Software maintenance in fourth-generation language environments

Proceedings of the July 9-12, 1984, national computer conference and exposition on - AFIPS '84 ◽

10.1145/1499310.1499343 ◽

1984 ◽

Cited By ~ 1

Author(s):

Paul C. Tinnirello

Keyword(s):

Software Maintenance ◽

Fourth Generation

Download Full-text

Cut-and-Mouse and Ghost Control

Digital Threats: Research and Practice ◽

10.1145/3431286 ◽

2021 ◽

Vol 2 (1) ◽

pp. 1-23

Author(s):

Ziya Alper Genç ◽

Gabriele Lenzini ◽

Daniele Sgandurra

Keyword(s):

Winning Strategy ◽

Denial Of Service ◽

Behavioral Analysis ◽

Full Time ◽

Standard Code ◽

Additional Protection ◽

Protection Mechanisms ◽

Copy And Paste ◽

Digital Assets

To protect their digital assets from malware attacks, most users and companies rely on antivirus (AV) software. AVs’ protection is a full-time task against malware: This is similar to a game where malware, e.g., through obfuscation and polymorphism, denial of service attacks, and malformed packets and parameters, tries to circumvent AV defences or make them crash. However, AVs react by complementing signature-based detection with anomaly or behavioral analysis, and by using OS protection, standard code, and binary protection techniques. Further, malware counter-acts, for instance, by using adversarial inputs to avoid detection, and so on. In this cat-and-mouse game, a winning strategy is trying to anticipate the move of the adversary by looking into one’s own weaknesses, seeing how the adversary can penetrate them, and building up appropriate defences or attacks. In this article, we play the role of malware developers and anticipate two novel moves for the malware side to demonstrate the weakness in the AVs and to improve the defences in AVs’ side. The first one consists in simulating mouse events to control AVs, namely, to send them mouse “clicks” to deactivate their protection. We prove that many AVs can be disabled in this way, and we call this class of attacks Ghost Control . The second one consists in controlling whitelisted applications, such as Notepad, by sending them keyboard events (such as “copy-and-paste”) to perform malicious operations on behalf of the malware. We prove that the anti-ransomware protection feature of AVs can be bypassed if we use Notepad as a “puppet” to rewrite the content of protected files as a ransomware would do. Playing with the words, and recalling the cat-and-mouse game, we call this class of attacks Cut-and-Mouse . We tested these two attacks on 29 AVs, and the results show that 14 AVs are vulnerable to Ghost Control attack while all 29 AV programs tested are found vulnerable to Cut-and-Mouse . Furthermore, we also show some weaknesses in additional protection mechanisms of AVs, such as sandboxing and CAPTCHA verification. We have engaged with the affected AV companies, and we reported the disclosure communication with them and their responses.

Download Full-text