Active Learning of Discriminative Subgraph Patterns for API Misuse Detection

Kang, Hong Jin; Lo, David

doi:10.1109/tse.2021.3069978

Cited by 9 publications

(15 citation statements)

References 79 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…3.1. For RQ3, we additionally incorporated the AU500 dataset 4 by Kang et al consisting of 500 API usages manually labeled correct and incorrect API usages (Kang and Lo 2021). Moreover, we explain how we obtained the API misuse-introducing commits and the respective API Usage Graphs, the intermediate data representation, based on the implementation by Amann (2018) 5 .…”

Section: Discussionmentioning

confidence: 99%

“…To this end, we search for source code files with similar but correct API usages regarding the changed code and further filter these using different strategies. We compared these strategies by using known, real-word API misuses and their respected fixes from the two benchmarks MUBench (Amann et al 2016) and the AU500 (Kang and Lo 2021). In particular, we determine how frequently the known (or similar) fixes are found in the filtered sets and use this information to identify the best strategy (i.e., that with the highest relative frequency).…”

Section: Motivationmentioning

confidence: 99%

“…Thus, we kept 37 misuses for our analysis. The AU500 consists of 500 manually labeled API usages from 16 open-source projects (Kang and Lo 2021). These projects are disjunct from those of the MUBench dataset, and thus, this dataset is well suited for an independent validation.…”

Section: Data Acquisition and Processingmentioning

confidence: 99%

“…In a second experiment, we analyze the effect of the filtering on each API usage in the AU500 dataset (Kang and Lo 2021). For that purpose, we conducted the internal and external code search for each method (including the exclusion steps as discussed before), applied the selected search and filter strategy (i.e., all imports, sr = 0.5 , and method filtering), and mined usage patterns for the filtered and non-filtered case.…”

Section: Misusementioning

confidence: 99%

“…Finally, we analyzed the effect of the previous searching and filtering on the violation detection by MUDetect (Amann 2018;Amann et al 2019) applied on the AU500 dataset by Kang and Lo (2021). Table 7 summarizes our results, by individually depicting the results of externally and internally searched code as well as a cascaded approach by applying both search strategies.…”

Section: Misusementioning

confidence: 99%

See 4 more Smart Citations

Guided pattern mining for API misuse detection by change-based code analysis

et al. 2021

View full text Add to dashboard Cite

Lack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or software crashes. Therefore, current research aims to automatically detect such misuses by comparing the way a developer used an API to previously inferred patterns of the correct API usage. While research has made significant progress, these techniques have not yet been adopted in practice. In part, this is due to the lack of a process capable of seamlessly integrating with software development processes. Particularly, existing approaches do not consider how to collect relevant source code samples from which to infer patterns. In fact, an inadequate collection can cause API usage pattern miners to infer irrelevant patterns which leads to false alarms instead of finding true API misuses. In this paper, we target this problem (a) by providing a method that increases the likelihood of finding relevant and true-positive patterns concerning a given set of code changes and agnostic to a concrete static, intra-procedural mining technique and (b) by introducing a concept for just-in-time API misuse detection which analyzes changes at the time of commit. Particularly, we introduce different, lightweight code search and filtering strategies and evaluate them on two real-world API misuse datasets to determine their usefulness in finding relevant intra-procedural API usage patterns. Our main results are (1) commit-based search with subsequent filtering effectively decreases the amount of code to be analyzed, (2) in particular method-level filtering is superior to file-level filtering, (3) project-internal and project-external code search find solutions for different types of misuses and thus are complementary, (4) incorporating prior knowledge of the misused API into the search has a negligible effect.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Motivationmentioning

confidence: 99%

Section: Data Acquisition and Processingmentioning

confidence: 99%

Section: Misusementioning

confidence: 99%

Section: Misusementioning

confidence: 99%

See 3 more Smart Citations