JavaDL: automatically incrementalizing Java bug pattern detection

2021 ◽  
Vol 5 (OOPSLA) ◽  
pp. 1-31
Author(s):  
Alexandru Dura ◽  
Christoph Reichenbach ◽  
Emma Söderberg

Static checker frameworks support software developers by automatically discovering bugs that fit general-purpose bug patterns. These frameworks ship with hundreds of detectors for such patterns and allow developers to add custom detectors for their own projects. However, existing frameworks generally encode detectors in imperative specifications, with extensive details of not only what to detect but also how. These details complicate detector maintenance and evolution, and also interfere with the framework’s ability to change how detection is done, for instance, to make the detectors incremental. In this paper, we present JavaDL, a Datalog-based declarative specification language for bug pattern detection in Java code. JavaDL seamlessly supports both exhaustive and incremental evaluation from the same detector specification. This specification allows developers to describe local detector components via syntactic pattern matching, and nonlocal (e.g., interprocedural) reasoning via Datalog-style logical rules. We compare our approach against the well-established SpotBugs and Error Prone tools by re-implementing several of their detectors in JavaDL. We find that our implementations are substantially smaller and similarly effective at detecting bugs on the Defects4J benchmark suite, and run with competitive runtime performance. In our experiments, neither incremental nor exhaustive analysis can consistently outperform the other, which highlights the value of our ability to transparently switch execution modes. We argue that our approach showcases the potential of clear-box static checker frameworks that constrain the bug detector specification language to enable the framework to adapt and enhance the detectors.

Author(s):  
Sweta Raut ◽  
Akshay Nikhare ◽  
Yogesh Punde ◽  
Snehal Manerao ◽  
Shubham Choudhary

Web applications generally interact with backend information to retrieve persistent data and then present the information to the user as dynamically generated output, like HTML websites. This communication is commonly done through a low-level API by dynamically constructing query strings within a general-purpose programming language. SQL Injection Attack (SQLIA) is one of the very serious threats to web applications. This paper is a review on preventing technique for a SQL injection attack which can secure web applications against SQL implantation. This paper also demonstrates a technique for preventing SQL Injection Attack (SQLIA) using Aho–Corasick pattern matching algorithm.


2014 ◽  
Vol 4 (4) ◽  
Author(s):  
Liberios Vokorokos ◽  
Michal Ennert ◽  
Marek Čajkovský ◽  
Ján Radušovský

Intrusion detection is an enormously developing field of informatics. This paper provides a survey of actual trends in intrusion detection in academic research. It presents a review about the evolution of intrusion detection systems with usage of general purpose computing on graphics processing units (GPGPU). There are many detection techniques but only some of them bring advantages of parallel computing implementation to graphical processors (GPU). The most common technique transformed into GPU is the technique of pattern matching. There is a number of intrusion detection tools using GPU tested in real network traffic.


2021 ◽  
Vol 26 (4) ◽  
Author(s):  
Nicole Novielli ◽  
Fabio Calefato ◽  
Filippo Lanubile ◽  
Alexander Serebrenik

Sentiment analysis methods have become popular for investigating human communication, including discussions related to software projects. Since general-purpose sentiment analysis tools do not fit well with the information exchanged by software developers, new tools, specific for software engineering (SE), have been developed. We investigate to what extent off-the-shelf SE-specific tools for sentiment analysis mitigate the threats to conclusion validity of empirical studies in software engineering, highlighted by previous research. First, we replicate two studies addressing the role of sentiment in security discussions on GitHub and in question-writing on Stack Overflow. Then, we extend the previous studies by assessing to what extent the tools agree with each other and with the manual annotation on a gold standard of 600 documents. We find that different SE-specific sentiment analysis tools might lead to contradictory results at a fine-grain level, when used off-the-shelf. Conversely, platform-specific tuning or retraining might be needed to take into account differences in platform conventions, jargon, or document lengths.


2003 ◽  
Vol 69 (12) ◽  
pp. 1790-1795 ◽  
Author(s):  
Daigo MISAKI ◽  
Toshitake TATENO ◽  
Shigeru AOMURA

Author(s):  
Carmen Galvez

This chapter presents the different standardization methods of terms at the two basic approaches of nonlinguistic and linguistic techniques, and sets out to justify the application of processes based on finite-state transducers (FST). Standardization of terms is the procedure of matching and grouping together variants of the same term that are semantically equivalent. A term variant is a text occurrence that is conceptually related to an original term and can be used to search for information in a text database. The uniterm and multiterm variants can be considered equivalent units for the purposes of automatic indexing. This chapter describes the computational and linguistic base of the finite-state approach, with emphasis on the influence of the formal language theory in the standardization process of uniterms and multiterms. The lemmatization and the use of syntactic pattern-matching, through equivalence relations represented in FSTs, are emerging methods for the standardization of terms.


2015 ◽  
Vol 131 ◽  
pp. 418-425 ◽  
Author(s):  
Achille Souili ◽  
Denis Cavallucci ◽  
François Rousselot
