Abstract:A large number of widespread source systems make the security of source code of software increasingly important. Multi-variable access correlation rules are mined by the path-sensitive method and the defects caused by inconsistent access to correlated variables are detected automatically in the large-scale source code systems. Multi-variable access correlations can be mined via logical information of source code and sensitive path information, which avoids fault from the insensitive path method. The effective solutions to the uneven distribution of path weight and the path explosion problems are presented. The presented method is verified by Linux system, and the experimental result shows that it mines correct multi-variable access correlations.
[1] Lu Shan,Park S,Hu Chongfeng,et al.MUVI: Automatically Inferring Multi-Variable Access Correlations and Detecting Related Semantic and Concurrency Bugs // Proc of the 21st ACM SIGOPS Symposium on Operating Systems Principles.Skamania Lodge,USA,2007: 103-116 [2] Li Zhenmin,Zhou Yuanyuan.PR-Miner: Automatically Extracting Implicit Programming Rules and Detecting Violations in Large Software Code // Proc of the 10th European Software Engineering Conference Held Jointly with 13th ACM SGSOFT International Symposium on Foundations of Software Engineering.Lisbon,Portugal,2005: 306-315 [3] Li Zhenmin,Lu Shan,Myagmar S,et al.CP-Miner: A Tool for Finding Copy Paste and Related Bugs in Operating System Code // Proc of the 6th Conference on Operating Systems Design and Implementation.San Francisco,USA,2004,VI: 289-302 [4] Wasylkowski A,Zeller A,Lindig C.Detecting Object Usage Anomalies // Proc of the 6th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering.Dubrovnik,Croatia,2007: 35-44 [5] Xie Tao,Pei Jian.MAPO: Mining API Usages from Open Source Repositories // Proc of the 3rd International Workshop on Mining Software Repositories.Shanghai,China,2006: 54-57 [6] Chang R Y,Podgurski A,Yang Jiong.Finding Whats Not There: A New Approach to Revealing Neglected Conditions in Software // Proc of the International Symposium on Software Testing and Analysis. London,UK,2007: 163-170 [7] Novillo D.Tree SSA-A New High-Level Optimization Framework for GCC [EB/OL].[2003-05-21].http://www.airs.com/dnovillo/Papers/tree-ssa-gccs03-slides.pdf [8] Wang Jianyong,Han Jiawei,Pei Jian.CLOSET+:Searching for the Best Strategies for Mining Frequent Closed Itemsets // Proc of the 9th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.Washington,USA,2003: 236-245 [9] Han Jiawei,Kamber M.Data Mining: Concepts and Techniques.New York,USA: Morgan-Kaufman,2007 [10] Livshits V B,Zimmermann T.DynaMine: Finding Common Error Patterns by Mining Software Revision Histories // Proc of the 10th European Software Engineering Conference Held Jointly with 13th ACM SIGSOFT International Symposium on Foundations of Software Engineering.Lisbon,Portugal,2005: 296-305 [11] Liu Chao,Chen Chen,Han Jiawei,et al.GPLAG: Detection of Software Plagiarism by Procedure Dependency Graph Analysis // Proc of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining,Philadelphia,USA,2006: 872-881 [12] Engler D,Chen D Y,Hallem S,et al.Bugs as Deviant Behavior: A General Approach to Inferring Errors in Systems Code // Proc of the 18th ACM Symposium on Operating Systems Principles.Banff,Canada,2001: 57-72 [13] Shepherd D,Palm J,Pollock L,et al.Timna: A Framework for Automatically Combining Aspect Mining Analyses // Proc of the 20th IEEE/ACM International Conference on Automated Software Engineering.Long Beach,USA,2005: 184-193 [14] Tan Lin,Zhang Xiaolan,Ma Xiao,et al.AutoISES: Automatically Inferring Security Specifications and Detecting Violations // Proc of the 17th Conference on Security Symposium.San Jose,USA,2008: 379-394 [15] Tan Lin,Yuan Ding,Krishna G,et al.iComment: Bugs or Bad Comments? // Proc of the 21st ACM SIGOPS Symposium on Operating Systems Principles.Stevenson,USA,2007: 145-158 [16] Ganapathy V,King D,Jaeger T,et al.Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis // Proc of the 29th International Conference on Software Engineering.Minneapolis,USA,2007: 458-467 [17] Suresh T,Xie Tao.PARSEWeb: A Programmer Assistant for Reusing Open Source Code on the Web // Proc of the 22nd IEEE/ACM International Conference on Automated Software Engineering.Atlanta,USA,2007: 204-213 [18] Soyeon P,Lu Shan,Zhou Yuanyuan.CTrigger: Exposing Atomicity Violation Bugs from Their Hiding Places // Proc of the 14th International Conference on Architectural Support for Programming Languages and Operating Systems.Washington,USA,2009: 25-36 [19] Shi Yao,Soyeon P,Yin Zuoning,et al.Do I Use the Wrong Definition? DefUse: Definition Use Invariants for Detecting Concurrency and Sequential Bugs // Proc of the Conference on Object-Oriented Programming: Systems,Languages,and Applications.Nevada,USA,2010: 160-174 [20] Tan Lin,Zhou Yuanyuan,Yoann P.aComment: Mining Annotations from Comments and Code to Detect Interrupt-Related Concurrency Bugs // Proc of the 33rd International Conference on Software Engineering.Honolulu,USA,2011: 11-20