Scalable detection of semantic clones

Gabel, Mark; Jiang, Lingxiao; Su, Zhendong

doi:10.1145/1368088.1368132

Cited by 266 publications

(202 citation statements)

References 19 publications

Supporting

Mentioning

198

Contrasting

Unclassified

Order By: Relevance

“…Finally, it detects apps that are similar, considering both full and partial app similarity (Section 4.4). We base the first two stages of AnDarwin on the approaches of Jiang et al [23] and Gabel et al [20] to find code clones in a scalable manner. AnDarwin uses these results to detect library code and, ultimately, to detect similar apps.…”

Section: Methodsmentioning

confidence: 99%

“…Many approaches have been developed over the years to detect code clones [20,23,25,26]. A code clone is two or more segments of code that have the same semantics but come from different sources.…”

Section: Code Clones and Reuse Detectionmentioning

confidence: 99%

“…Early approaches considered code as a collection of strings, usually based on lines, and reported code clones based on identical lines [9]. More recently, DECKARD [23] and its successor [20] use the abstract syntax tree of a code base to create vectors which are then clustered to find similar subtrees.…”

Section: Code Clones and Reuse Detectionmentioning

confidence: 99%

See 2 more Smart Citations

AnDarwin: Scalable Detection of Semantically Similar Android Applications

Crussell

Gibler

Chen

2013

Lecture Notes in Computer Science

112

View full text Add to dashboard Cite

Abstract. The popularity and utility of smartphones rely on their vibrant application markets; however, plagiarism threatens the long-term health of these markets. We present a scalable approach to detecting similar Android apps based on their semantic information. We implement our approach in a tool called AnDarwin and evaluate it on 265,359 apps collected from 17 markets including Google Play and numerous thirdparty markets. In contrast to earlier approaches, AnDarwin has four advantages: it avoids comparing apps pairwise, thus greatly improving its scalability; it analyzes only the app code and does not rely on other information -such as the app's market, signature, or descriptionthus greatly increasing its reliability; it can detect both full and partial app similarity; and it can automatically detect library code and remove it from the similarity analysis. We present two use cases for AnDarwin: finding similar apps by different developers ("clones") and similar apps from the same developer ("rebranded"). In ten hours, AnDarwin detected at least 4,295 apps that have been the victims of cloning and 36,106 apps that are rebranded. By analyzing the clusters found by AnDarwin, we found 88 new variants of malware and identified 169 malicious apps based on differences in the requested permissions. Our evaluation demonstrates AnDarwin's ability to accurately detect similar apps on a large scale.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Code Clones and Reuse Detectionmentioning

confidence: 99%

See 1 more Smart Citation

AnDarwin: Scalable Detection of Semantically Similar Android Applications

Crussell

Gibler

Chen

2013

Lecture Notes in Computer Science

112

View full text Add to dashboard Cite

show abstract

“…Komondoor & Horwitz (2001) also used PDGs for clone detection and see the possibility to find non-contiguous clones as a main benefit. Gabel, Jiang & Su (2008) combined the analysis of dependence graphs with abstract syntax trees in the tool Deckard to better scale the approach.…”

Section: Related Workmentioning

confidence: 99%

“…By a similarity parameter it is possible to control whether only type-1/2 clones or type-3 clones are detected. Deckard is a stable tool used in other studies (Gabel, Jiang & Su, 2008;Jiang, Su & Chiu, 2007b) including the study we build on.…”

Section: Clone Detection Toolsmentioning

confidence: 99%

How are functionally similar code clones syntactically different? An empirical study and a benchmark

Wagner

Abdulkhaleq

Bogicevic

et al. 2016

PeerJ Computer Science

View full text Add to dashboard Cite

Background. Today, redundancy in source code, so-called ''clones'' caused by copy &paste can be found reliably using clone detection tools. Redundancy can arise also independently, however, not caused by copy&paste. At present, it is not clear how only functionally similar clones (FSC) differ from clones created by copy&paste. Our aim is to understand and categorise the syntactical differences in FSCs that distinguish them from copy&paste clones in a way that helps clone detection research. Methods. We conducted an experiment using known functionally similar programs in Java and C from coding contests. We analysed syntactic similarity with traditional detection tools and explored whether concolic clone detection can go beyond syntax. We ran all tools on 2,800 programs and manually categorised the differences in a random sample of 70 program pairs. Results. We found no FSCs where complete files were syntactically similar. We could detect a syntactic similarity in a part of the files in <16% of the program pairs. Concolic detection found 1 of the FSCs. The differences between program pairs were in the categories algorithm, data structure, OO design, I/O and libraries. We selected 58 pairs for an openly accessible benchmark representing these categories. Discussion. The majority of differences between functionally similar clones are beyond the capabilities of current clone detection approaches. Yet, our benchmark can help to drive further clone detection research.

show abstract

Clone refactoring inspection by summarizing clone refactorings and detecting inconsistent changes during software evolution

Chen

Kwon

Song

2018

J Software Evolu Process

View full text Add to dashboard Cite

It has been broadly assumed that removing code clones by refactorings would solve the problems of code duplication. Despite recent empirical studies on the benefit of refactorings, contradicting evidence shows that it is often difficult or impossible to remove clones by using standard refactoring techniques. Developers cannot easily determine which clones can be refactored or how they should be maintained scattered throughout a large code base in evolving systems. We propose pattern‐based clone refactoring inspection (PRI), a technique for managing clone refactorings. PRI summarizes refactorings of clones and detects clones that are not consistently refactored. To help developers refactor these anomalies, PRI also visualizes clone evolution and refactorings and fixes refactoring anomalies to prevent the clone group from being left in an inconsistent state. We evaluated PRI on 6 open‐source projects and showed that it identifies clone refactorings with 94.1% accuracy and detects inconsistent refactorings with 98.4% accuracy, tracking clone change histories. In a study with 10 student developers, the participants reported that flexible PRI's summarization and detection features can be valuable for novice developers to learn about refactorings to clones. These results show that PRI should improve developer productivity in inspecting clone refactorings distributed across multiple files in evolving systems.

show abstract

Scalable detection of semantic clones

Cited by 266 publications

References 19 publications

AnDarwin: Scalable Detection of Semantically Similar Android Applications

AnDarwin: Scalable Detection of Semantically Similar Android Applications

How are functionally similar code clones syntactically different? An empirical study and a benchmark

Clone refactoring inspection by summarizing clone refactorings and detecting inconsistent changes during software evolution

Contact Info

Product

Resources

About