Results 61-80 of 247.
Bookmark and Share    
Full Text
Peer Reviewed
See detailFaCoY - A Code-to-Code Search Engine
Kim, Kisub UL; Kim, Dongsun UL; Bissyande, Tegawendé François D Assise UL et al

in International Conference on Software Engineering (ICSE 2018) (2018, May 27)

Code search is an unavoidable activity in software development. Various approaches and techniques have been explored in the literature to support code search tasks. Most of these approaches focus on ... [more ▼]

Code search is an unavoidable activity in software development. Various approaches and techniques have been explored in the literature to support code search tasks. Most of these approaches focus on serving user queries provided as natural language free-form input. However, there exists a wide range of use-case scenarios where a code-to-code approach would be most beneficial. For example, research directions in code transplantation, code diversity, patch recommendation can leverage a code-to-code search engine to find essential ingredients for their techniques. In this paper, we propose FaCoY, a novel approach for statically finding code fragments which may be semantically similar to user input code. FaCoY implements a query alternation strategy: instead of directly matching code query tokens with code in the search space, FaCoY first attempts to identify other tokens which may also be relevant in implementing the functional behavior of the input code. With various experiments, we show that (1) FaCoY is more effective than online code-to-code search engines; (2) FaCoY can detect more semantic code clones (i.e., Type-4) in BigCloneBench than the state-of-theart; (3) FaCoY, while static, can detect code fragments which are indeed similar with respect to runtime execution behavior; and (4) FaCoY can be useful in code/patch recommendation. [less ▲]

Detailed reference viewed: 206 (20 UL)
Full Text
Peer Reviewed
See detailTowards Estimating and Predicting User Perception on Software Product Variants
Martinez, Jabier; Sottet, Jean-Sebastien; Garcia-Frey, Alfonso et al

in 17th International Conference on Software Reuse (ICSR) (2018, May)

Detailed reference viewed: 86 (3 UL)
Full Text
Peer Reviewed
See detailExtracting Statistical Graph Features for Accurate and Efficient Time Series Classification
Li, Daoyuan UL; Lin, Jessica; Bissyande, Tegawendé François D Assise UL et al

in 21st International Conference on Extending Database Technology (2018, March)

This paper presents a multiscale visibility graph representation for time series as well as feature extraction methods for time series classification (TSC). Unlike traditional TSC approaches that seek to ... [more ▼]

This paper presents a multiscale visibility graph representation for time series as well as feature extraction methods for time series classification (TSC). Unlike traditional TSC approaches that seek to find global similarities in time series databases (eg., Nearest Neighbor with Dynamic Time Warping distance) or methods specializing in locating local patterns/subsequences (eg., shapelets), we extract solely statistical features from graphs that are generated from time series. Specifically, we augment time series by means of their multiscale approximations, which are further transformed into a set of visibility graphs. After extracting probability distributions of small motifs, density, assortativity, etc., these features are used for building highly accurate classification models using generic classifiers (eg., Support Vector Machine and eXtreme Gradient Boosting). Thanks to the way how we transform time series into graphs and extract features from them, we are able to capture both global and local features from time series. Based on extensive experiments on a large number of open datasets and comparison with five state-of-the-art TSC algorithms, our approach is shown to be both accurate and efficient: it is more accurate than Learning Shapelets and at the same time faster than Fast Shapelets. [less ▲]

Detailed reference viewed: 643 (13 UL)
Full Text
Peer Reviewed
See detailCloud Providers Viability: How to Address it from an IT and Legal Perspective?
Bartolini, Cesare UL; El Kateb, Donia; Le Traon, Yves UL et al

in Electron Markets (2018), 28(1), 53-75

A major part of the commercial Internet is moving toward the cloud paradigm. This phenomenon has a drastic impact onthe organizational structures of enterprizes and introduces new challenges that must be ... [more ▼]

A major part of the commercial Internet is moving toward the cloud paradigm. This phenomenon has a drastic impact onthe organizational structures of enterprizes and introduces new challenges that must be properly addressed to avoid majorsetbacks. One such challenge is that of cloud provider viability, that is, the reasonable certainty that the Cloud ServiceProvider (CSP) will not go out of business, either by filing for bankruptcy or by simply shutting down operations, thusleaving its customers stranded without an infrastructure and, depending on the type of cloud service used, even withouttheir applications or data. This article attempts to address the issue of cloud provider viability, defining a possible way ofmodeling viability as a non-functional requirement and proposing some approaches that can be used to mitigate the problem,both from a technical and from a legal perspective. By introducing a structured perspective into the topic of cloud viability,describing the risks, factors and possible mitigators, the contribution of this work is twofold: it gives the customer a betterunderstanding to determine when it can rely on the cloud infrastructure on the long term and what precautions it should takein any case, and provides the CSP with means to address some of the viability issues and thus increase its customers’ trust. [less ▲]

Detailed reference viewed: 129 (0 UL)
Full Text
Peer Reviewed
See detailComparison of metadata quality in open data portals using the Analytic Hierarchy Process
Kubler, sylvain; Robert, Jérémy UL; Neumaier, Sebastian et al

in Government Information Quarterly (2018)

Detailed reference viewed: 124 (3 UL)
Full Text
Peer Reviewed
See detailAugmenting and Structuring User Queries to Support Efficient Free-Form Code Search
Sirres, Raphael; Bissyande, Tegawendé François D Assise UL; Kim, Dongsun et al

in Empirical Software Engineering (2018), 90

Detailed reference viewed: 106 (6 UL)
Full Text
Peer Reviewed
See detailPredicting the Fault Revelation Utility of Mutants
Titcheu Chekam, Thierry UL; Papadakis, Mike UL; Bissyande, Tegawendé François D Assise UL et al

in 40th International Conference on Software Engineering, Gothenburg, Sweden, May 27 - 3 June 2018 (2018)

Detailed reference viewed: 262 (22 UL)
Full Text
Peer Reviewed
See detailMutant Quality Indicators
Papadakis, Mike UL; Titcheu Chekam, Thierry UL; Le Traon, Yves UL

in 13th International Workshop on Mutation Analysis (MUTATION'18) (2018)

Detailed reference viewed: 274 (20 UL)
Peer Reviewed
See detailFini le Bac à Sable. Avec le CVE-2017-3272, devenez un grand!
Bartel, Alexandre UL; Klein, Jacques UL; Le Traon, Yves UL

Article for general public (2018)

Detailed reference viewed: 96 (6 UL)
Peer Reviewed
See detailDésérialisation Java : Une brève introduction
Bartel, Alexandre UL; Klein, Jacques UL; Le Traon, Yves UL

Article for general public (2018)

Detailed reference viewed: 98 (9 UL)
Full Text
Peer Reviewed
See detailEnabling the Continous Analysis of Security Vulnerabilities with VulData7
Jimenez, Matthieu UL; Le Traon, Yves UL; Papadakis, Mike UL

in IEEE International Working Conference on Source Code Analysis and Manipulation (2018)

Detailed reference viewed: 292 (34 UL)
Full Text
Peer Reviewed
See detailMining Fix Patterns for FindBugs Violations
Liu, Kui UL; Kim, Dongsun; Bissyande, Tegawendé François D Assise UL et al

in IEEE Transactions on Software Engineering (2018)

Several static analysis tools, such as Splint or FindBugs, have been proposed to the software development community to help detect security vulnerabilities or bad programming practices. However, the ... [more ▼]

Several static analysis tools, such as Splint or FindBugs, have been proposed to the software development community to help detect security vulnerabilities or bad programming practices. However, the adoption of these tools is hindered by their high false positive rates. If the false positive rate is too high, developers may get acclimated to violation reports from these tools, causing concrete and severe bugs being overlooked. Fortunately, some violations are actually addressed and resolved by developers. We claim that those violations that are recurrently fixed are likely to be true positives, and an automated approach can learn to repair similar unseen violations. However, there is lack of a systematic way to investigate the distributions on existing violations and fixed ones in the wild, that can provide insights into prioritizing violations for developers, and an effective way to mine code and fix patterns which can help developers easily understand the reasons of leading violations and how to fix them. In this paper, we first collect and track a large number of fixed and unfixed violations across revisions of software. The empirical analyses reveal that there are discrepancies in the distributions of violations that are detected and those that are fixed, in terms of occurrences, spread and categories, which can provide insights into prioritizing violations. To automatically identify patterns in violations and their fixes, we propose an approach that utilizes convolutional neural networks to learn features and clustering to regroup similar instances. We then evaluate the usefulness of the identified fix patterns by applying them to unfixed violations. The results show that developers will accept and merge a majority (69/116) of fixes generated from the inferred fix patterns. It is also noteworthy that the yielded patterns are applicable to four real bugs in the Defects4J major benchmark for software testing and automated repair. [less ▲]

Detailed reference viewed: 134 (3 UL)
Full Text
Peer Reviewed
See detailFeature location benchmark for extractive software product line adoption research using realistic and synthetic Eclipse variants
Martinez, Jabier; Ziadi, Tewfik; Papadakis, Mike UL et al

in Information and Software Technology (2018)

Detailed reference viewed: 138 (5 UL)
Full Text
Peer Reviewed
See detailHow effective are mutation testing tools? An empirical analysis of Java mutation testing tools with manual analysis and real faults
Kintis, Marinos UL; Papadakis, Mike UL; Papadopoulos, Andreas et al

in Empirical Software Engineering (2018)

Mutation analysis is a well-studied, fault-based testing technique. It requires testers to design tests based on a set of artificial defects. The defects help in performing testing activities by measuring ... [more ▼]

Mutation analysis is a well-studied, fault-based testing technique. It requires testers to design tests based on a set of artificial defects. The defects help in performing testing activities by measuring the ratio that is revealed by the candidate tests. Unfortunately, applying mutation to real-world programs requires automated tools due to the vast number of defects involved. In such a case, the effectiveness of the method strongly depends on the peculiarities of the employed tools. Thus, when using automated tools, their implementation inadequacies can lead to inaccurate results. To deal with this issue, we cross-evaluate four mutation testing tools for Java, namely PIT, muJava, Major and the research version of PIT, PITRV, with respect to their fault-detection capabilities. We investigate the strengths of the tools based on: a) a set of real faults and b) manual analysis of the mutants they introduce. We find that there are large differences between the tools’ effectiveness and demonstrate that no tool is able to subsume the others. We also provide results indicating the application cost of the method. Overall, we find that PITRV achieves the best results. In particular, PITRV outperforms the other tools by finding 6% more faults than the other tools combined. [less ▲]

Detailed reference viewed: 208 (9 UL)
Full Text
Peer Reviewed
See detailA training-resistant anomaly detection system
Muller, Steve UL; Lancrenon, Jean; Harpes, Carlo et al

in Computers and Security (2018), 76

Modern network intrusion detection systems rely on machine learning techniques to detect traffic anomalies and thus intruders. However, the ability to learn the network behaviour in real-time comes at a ... [more ▼]

Modern network intrusion detection systems rely on machine learning techniques to detect traffic anomalies and thus intruders. However, the ability to learn the network behaviour in real-time comes at a cost: malicious software can interfere with the learning process, and teach the intrusion detection system to accept dangerous traffic. This paper presents an intrusion detection system (IDS) that is able to detect common network attacks including but not limited to, denial-of-service, bot nets, intrusions, and network scans. With the help of the proposed example IDS, we show to what extent the training attack (and more sophisticated variants of it) has an impact on machine learning based detection schemes, and how it can be detected. © 2018 Elsevier Ltd [less ▲]

Detailed reference viewed: 182 (7 UL)
Full Text
Peer Reviewed
See detailPROFICIENT: Productivity Tool for Semantic Interoperability in an Open IoT Ecosystem
Kolbe, Niklas UL; Robert, Jérémy UL; Kubler, Sylvain et al

in Proceedings of the 14th International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (2017, November 07)

The Internet of Things (IoT) is promising to open up opportunities for businesses to offer new services to uncover untapped needs. However, before taking advantage of such opportunities, there are still ... [more ▼]

The Internet of Things (IoT) is promising to open up opportunities for businesses to offer new services to uncover untapped needs. However, before taking advantage of such opportunities, there are still challenges ahead, one of which is the development of strategies to abstract from the heterogeneity of APIs that shape today's IoT. It is becoming increasingly complex for developers and smart connected objects to efficiently discover, parse, aggregate and process data from disparate information systems, as different protocols, data models, and serializations for APIs exist on the market. Standards play an indisputable role in reducing such a complexity, but will not solve all problems related to interoperability. For example, it will remain a permanent need to help and guide data/service providers to efficiently describe the data/services they would like to expose to the IoT. This paper presents PROFICIENT, a productivity tool that fulfills this need, which is showcased and evaluated considering recent open messaging standards and a smart parking scenario. [less ▲]

Detailed reference viewed: 249 (18 UL)
Full Text
Peer Reviewed
See detailOn Locating Malicious Code in Piggybacked Android Apps
Li, Li UL; Li, Daoyuan UL; Bissyande, Tegawendé François D Assise UL et al

in Journal of Computer Science and Technology (2017)

To devise efficient approaches and tools for detecting malicious packages in the Android ecosystem, researchers are increasingly required to have a deep understanding of malware. There is thus a need to ... [more ▼]

To devise efficient approaches and tools for detecting malicious packages in the Android ecosystem, researchers are increasingly required to have a deep understanding of malware. There is thus a need to provide a framework for dissecting malware and locating malicious program fragments within app code in order to build a comprehensive dataset of malicious samples. Towards addressing this need, we propose in this work a tool-based approach called HookRanker, which provides ranked lists of potentially malicious packages based on the way malware behaviour code is triggered. With experiments on a ground truth of piggybacked apps, we are able to automatically locate the malicious packages from piggybacked Android apps with an accuracy@5 of 83.6% for such packages that are triggered through method invocations and an accuracy@5 of 82.2% for such packages that are triggered independently. [less ▲]

Detailed reference viewed: 193 (10 UL)
Full Text
See detailTowards a Plug-and-Play and Holistic Data Mining Framework for Understanding and Facilitating Operations in Smart Buildings
Li, Daoyuan UL; Bissyande, Tegawendé François D Assise UL; Klein, Jacques UL et al

Report (2017)

Nowadays, a significant portion of the total energy consumption is attributed to the buildings sector. In order to save energy and protect the environment, energy consumption in buildings must be more ... [more ▼]

Nowadays, a significant portion of the total energy consumption is attributed to the buildings sector. In order to save energy and protect the environment, energy consumption in buildings must be more efficient. At the same time, buildings should offer the same (if not more) comfort to their occupants. Consequently, modern buildings have been equipped with various sensors and actuators and interconnected control systems to meet occupants’ requirements. Unfortunately, so far, Building Automation Systems data have not been well-exploited due to technical and cost limitations. Yet, it can be exceptionally beneficial to take full advantage of the data flowing inside buildings in order to diagnose issues, explore solutions and improve occupant-building interactions. This paper presents a plug-and-play and holistic data mining framework named PHoliData for smart buildings to collect, store, visualize and mine useful information and domain knowledge from data in smart buildings. PHoliData allows non technical experts to easily explore and understand their buildings with minimum IT support. An architecture of this framework has been introduced and a prototype has been implemented and tested against real-world settings. Discussions with industry experts have suggested the system to be extremely helpful for understanding buildings, since it can provide hints about energy efficiency improvements. Finally, extensive experiments have demonstrated the feasibility of such a framework in practice and its advantage and potential for buildings operators. [less ▲]

Detailed reference viewed: 125 (7 UL)
Full Text
Peer Reviewed
See detailRaising Time Awareness in Model-Driven Engineering
Benelallam, Amine; Hartmann, Thomas UL; Mouline, Ludovic UL et al

in 2017 ACM/IEEE 20th International Conference on Model Driven Engineering Languages and Systems (2017, September)

The conviction that big data analytics is a key for the success of modern businesses is growing deeper, and the mobilisation of companies into adopting it becomes increasingly important. Big data ... [more ▼]

The conviction that big data analytics is a key for the success of modern businesses is growing deeper, and the mobilisation of companies into adopting it becomes increasingly important. Big data integration projects enable companies to capture their relevant data, to efficiently store it, turn it into domain knowledge, and finally monetize it. In this context, historical data, also called temporal data, is becoming increasingly available and delivers means to analyse the history of applications, discover temporal patterns, and predict future trends. Despite the fact that most data that today’s applications are dealing with is inherently temporal current approaches, methodologies, and environments for developing these applications don’t provide sufficient support for handling time. We envision that Model-Driven Engineering (MDE) would be an appropriate ecosystem for a seamless and orthogonal integration of time into domain modelling and processing. In this paper, we investigate the state-of-the-art in MDE techniques and tools in order to identify the missing bricks for raising time-awareness in MDE and outline research directions in this emerging domain. [less ▲]

Detailed reference viewed: 182 (9 UL)
Full Text
Peer Reviewed
See detailKnowledge-based Consistency Index for Fuzzy Pairwise Comparison Matrices
Kubler, Sylvain UL; Derigent, William; Voisin, Alexandre et al

in Knowledge-based Consistency Index for Fuzzy Pairwise Comparison Matrices (2017, July 10)

Abstract—Fuzzy AHP is today one of the most used Multiple Criteria Decision-Making (MCDM) techniques. The main argument to introduce fuzzy set theory within AHP lies in its ability to handle uncertainty ... [more ▼]

Abstract—Fuzzy AHP is today one of the most used Multiple Criteria Decision-Making (MCDM) techniques. The main argument to introduce fuzzy set theory within AHP lies in its ability to handle uncertainty and vagueness arising from decision makers (when performing pairwise comparisons between a set of criteria/alternatives). As humans usually reason with granular information rather than precise one, such pairwise comparisons may contain some degree of inconsistency that needs to be properly tackled to guarantee the relevance of the result/ranking. Over the last decades, several consistency indexes designed for fuzzy pairwise comparison matrices (FPCMs) were proposed, as will be discussed in this article. However, for some decision theory specialists, it appears that most of these indexes fail to be properly “axiomatically” founded, thus leading to misleading results. To overcome this, a new index, referred to as KCI (Knowledge-based Consistency Index) is introduced in this paper, and later compared with an existing index that is axiomatically well founded. The comparison results show that (i) both indexes perform similarly from a consistency measurement perspective, but (ii) KCI contributes to significantly reduce the computation time, which can save expert’s time in some MCDM problems. [less ▲]

Detailed reference viewed: 169 (4 UL)