检索结果-内蒙古大学图书馆

37th IEEE/ACM International Conference on Automated Software Engineering (ASE)

作者： Hernandez Lopez, Jose Antonio Weyssow, Martin Sanchez Cuadrado, Jesus Sahraoui, Houari Univ Murcia Murcia Spain Univ Montreal DIRO Montreal PQ Canada

ISBN: (纸本)9781450394758

The objective of pre-trained language models is to learn contextual representations of textual data. Pre-trained language models have become mainstream in natural language processing and code modeling. Using probes, a technique to study the linguistic properties of hidden vector spaces, previous works have shown that these pre-trained language models encode simple linguistic properties in their hidden representations. However, none of the previous work assessed whether these models encode the whole grammatical structure of a programming language. In this paper, we prove the existence of a syntactic sub-space, lying in the hidden representations of pre-trained language models, which contain the syntactic information of the programming language. We show that this subspace can be extracted from the models' representations and define a novel probing method, the AST-Probe, that enables recovering the whole abstract syntax tree (AST) of an input code snippet. In our experimentations, we show that this syntactic subspace exists in five state-of-the-art pre-trained language models. In addition, we highlight that the middle layers of the models are the ones that encode most of the AST information. Finally, we estimate the optimal size of this syntactic subspace and show that its dimension is substantially lower than those of the models' representation spaces. This suggests that pre-trained language models use a small part of their representation spaces to encode syntactic information of the programming languages.

关键词： pre-trained language models abstract syntax tree probing programming languages

来源：评论

学校读者我要写书评

暂无评论

Script and macro based malware classification by clustering abstract syntax trees

Script and macro based malware classification by clustering ...

引用

作者： Nurmi, Henri Aalto University

学位级别：硕士

Script and macro-based malicious attachments are typically only the first step of a malicious chain of events. These scripts acting only as a downloader to the actual malicous binary, and they are spread mostly through emails. Malicious email is one of the most significant infection vector for spreading malware. Malware authors use many obfuscation and modification techniques to make each mal- ware unique. Therefore, detecting these unique files by examining each sample’s staticaly is challenging. This thesis explores the static detection system, which uses the malware sample’s abstract syntax tree (AST) to detect similar samples. abstract syntax trees from known malware samples are clustered to minimize the search space for similarity computing. We evaluate the system by measuring the accuracy of detecting malware and the overall performance. As the main result of this thesis, we show that the AST-based detection system is suitable to detect similar malware samples even if they are obfuscated. Furthermore, the approach improves the detection accuracy compared to the raw string-based pattern matching. Our results also show that the algorithm for computing the AST needs to be improved to be able to used for the real-time malware monitoring.

关键词： malware detection cluster analysis abstract syntax tree structural summaries

来源：评论

学校读者我要写书评

暂无评论

PassSum: Leveraging paths of abstract syntax trees and self-supervision for code summarization

引用

JOURNAL OF SOFTWARE-EVOLUTION AND PROCESS 2023年第6期36卷

作者： Niu, Changan Li, Chuanyi Ng, Vincent Ge, Jidong Huang, Liguo Luo, Bin Nanjing Univ Natl Key Lab Novel Software Technol 22 Hankou Rd Nanjing Peoples R China Univ Texas Dallas Human Language Technol Res Inst Richardson TX USA Southern Methodist Univ Dept Comp Sci Dallas TX USA

Code summarization is to provide a high-level comment for a code snippet that typically describes the function and intent of the given code. Recent years have seen the successful application of data-driven code summarization. To improve the performance of the model, numerous approaches use abstract syntax trees (ASTs) to represent the structural information of the code, which is considered by most researchers to be the main factor that distinguishes code from natural language. Then, such data-driven methods are trained on large-scale labeled datasets to obtain a model with strong generalization capabilities that can be applied to new examples. Nevertheless, we argue that state-of-the-art approaches suffer from two key weaknesses: (1) inefficient encoding of ASTs;(2) reliance on a large labeled corpus for model training. As a result, such drawbacks lead to (1) oversized model, slow training, information loss and instability;(2) inability to be applied to programming languages with only a small amount of labeled data. In light of these weaknesses, we propose PassSum, a code summarization approach that addresses the aforementioned weaknesses via (1) a novel input representation which contains an efficient AST encoding method;(2) introducing three pretraining objectives and pretraining our model with a large amount of (easy-to-obtain) unlabeled data under the guidance of self-supervised learning. Experimental results on code summarization for Java, Python, and Ruby methods demonstrate the superiority of PassSum to state-of-the-art methods. Further experiments demonstrate that the input representation we use has both temporal and spatial advantages in addition to performance leadership. In addition, pretraining is also shown to make the model more generalizable with less labeled data, and also to speed up the convergence of the model during training. Our contributions are as follows. We propose a novel input representation containing an efficient AST encoding method with

关键词： abstract syntax tree code summarization self-supervised pretraining Transformer

来源：评论

学校读者我要写书评

暂无评论

MFF-SC: A multi-feature fusion method for smart contract classification

引用

INTELLIGENT DATA ANALYSIS 2023年第6期27卷 1781-1810页

作者： Tian, Gang Wang, Xiaojin Wang, Rui Yu, Qiuyue Zhao, Guangxin Shangdong Univ Sci & Technol Coll Comp Sci & Engn Qingdao Shangdong Peoples R China Shangdong Univ Sci & Technol Coll Energy & Min Engn Qingdao 266590 Shangdong Peoples R China

The classification of the smart contract can effectively reduce the search space and improve retrieval efficiency. The existing classification methods are based on natural language processing technologies. Because the processing of source code by these technologies lacks extraction and processing in the software engineering field, there is still a lot of room for improvement in their methods of feature extraction. Therefore, this paper proposes a multi-feature fusion method for smart contract classification (MFF-SC) based on the code processing technology. From the source code perspective, source code processing method and attention mechanism are used to extract local code features. Structure-based traversal method are used to extract global code features from abstract syntax tree. Local and global code features introduce attention mechanism to generate code semantic features. From the perspective of account transaction, the feature of account transaction is extracted by using TransR. Next, the code semantic features and account transaction features generate smart contract semantic features by an attention mechanism. Finally, the smart contract semantic features are fed into a stacked denoising autoencoder and a softmax classifier for classification. Experimental results on a real dataset show that MFF-SC achieves an accuracy rate of 83.9%, compared with other baselines and variants.

关键词： Smart contract classification abstract syntax tree feature extraction feature representation feature fusion

来源：评论

学校读者我要写书评

暂无评论

A domain-specific compiler theory based framework for automated reaction network generation

引用

COMPUTERS & CHEMICAL ENGINEERING 2008年第10期32卷 2455-2470页

作者： Hsu, Shuo-Huan Krishnamurthy, Balachandra Rao, Prathima Zhao, Chunhua Jagannathan, Suresh Venkatasubramanian, Venkat Purdue Univ Lab Intelligent Proc Syst Sch Chem Engn W Lafayette IN 47907 USA Purdue Univ Dept Comp Sci W Lafayette IN 47907 USA

Catalytic chemical reaction networks are often very complicated because of the numerous species and reactions involved. Hence, automating the network generation process is necessary as it is quite labor intensive and error prone to write down all the reactions manually. We present an automated integrated framework for reaction network generation based on domain-specific compiler theory using a knowledge base of chemistry rules. The chemistry rules represent basic reaction mechanisms that the reactants can undergo. The system's domain-specific compiler takes the rules and initial reactants as inputs. parses the rule text, generates the intermediate representation, and finally produces the reaction network by interpreting the intermediate representation. We chose the abstract syntax tree (AST) as the intermediate representation because of its transparency and ease of search. The system executes the AST using the initial reactants, and generates the reaction network. The Reaction Description Language (RDL) has been extended to describe the chemistry rules for catalytic systems. and the molecules are represented by Simplified Molecular Input Line Entry System (SMILES). This framework separates the molecules and the behavior of catalysts, represented by the chemistry rules. This approach accelerates the speed of generating hypotheses for building the kinetic models for catalytic systems. (c) 2008 Elsevier Ltd. All rights reserved.

关键词： reaction networks chemistry rules compiler abstract syntax tree automatic network generation catalysis

来源：评论

学校读者我要写书评

暂无评论

Class mutation operators for C plus plus object-oriented systems

引用

ANNALS OF TELECOMMUNICATIONS 2015年第3-4期70卷 137-148页

作者： Delgado-Perez, Pedro Medina-Bulo, Inmaculada Jose Dominguez-Jimenez, Juan Garcia-Dominguez, Antonio Palomo-Lozano, Francisco Univ Cadiz Escuela Super Ingn Cadiz 11002 Spain

Mutation testing is a fault injection testing technique around which a great variety of studies and tools for different programming languages have been developed. Nevertheless, the mutation testing research with respect to C++ is pending. This paper proposes a set of class mutation operators related to this language and its particular object-oriented (OO) features. In addition, an implementation technique to apply mutation testing based on the traversal of the abstract syntax tree (AST) is presented. Finally, an experiment is conducted to study the operator behaviour with different C++ programs, suggesting their usefulness in the creation of complete test suites. The analysis includes a Web service (WS) library, one of the domains where this technique can prove useful, considering its challenging testing phase and that C++ is still a reference language for critical distributed systems WS.

关键词： Mutation testing Mutation operators C plus Object-oriented programming abstract syntax tree Web services

来源：评论

学校读者我要写书评

暂无评论

A Hierarchical Feature Ensemble Deep Learning Approach for Software Defect Prediction

引用

INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING 2023年第4期33卷 543-573页

作者： Zhang, Shenggang Jiang, Shujuan Yan, Yue China Univ Min & Technol Sch Comp Sci & Technol Xuzhou 221116 Peoples R China

Software defect prediction can detect modules that may have defects in advance and optimize resource allocation to improve test efficiency and reduce development costs. Traditional features cannot capture deep semantic and grammatical information, which limits the further development of software defect prediction. Therefore, it has gradually become a trend to use deep learning technology to automatically learn valuable deep features from source code or relevant data. However, most software defect prediction methods based on deep learning extraction features from a single information source or only use a single deep learning model, which leads to the fact that the extracted features are not comprehensive enough to affect the final prediction performance. In view of this, this paper proposes a Hierarchical Feature Ensemble Deep Learning (HFEDL) Approach for software defect prediction. Firstly, the HFEDL approach needs to obtain three types of information sources: abstract syntax tree (AST), class dependency network (CDN) and traditional features. Then, the Convolutional Neural Network (CNN) and the Bidirectional Long Short-Term Memory based on Attention mechanism (BiLSTM+Attention) are used to extract different valuable features from the three information sources and multiple prediction sub-models are constructed. Next, all the extracted features are fused by a filter mechanism to obtain more comprehensive features and construct a fusion prediction sub-model. Finally, all the sub-models are integrated by an ensemble learning method to obtain the final prediction model. We use 11 projects in the PROMISE defect repository and evaluate our approach in both non-effort-aware and effort-aware scenarios. The experimental results show that the prediction performance of our approach is superior to state-of-the-art methods in both scenarios.

关键词： Software defect prediction deep learning abstract syntax tree class dependency network ensemble learning

来源：评论

学校读者我要写书评

暂无评论

TransformCode: A Contrastive Learning Framework for Code Embedding via Subtree Transformation

引用

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING 2024年第6期50卷 1600-1619页

作者： Xian, Zixiang Huang, Rubing Towey, Dave Fang, Chunrong Chen, Zhenyu Macau Univ Sci & Technol Sch Comp Sci & Engn Macau 999078 Peoples R China Univ Nottingham Ningbo China Sch Comp Sci Ningbo 315100 Zhejiang Peoples R China Nanjing Univ State Key Lab Novel Software Technol Nanjing 210093 Peoples R China

Artificial intelligence (AI) has revolutionized software engineering (SE) by enhancing software development efficiency. The advent of pre-trained models (PTMs) leveraging transfer learning has significantly advanced AI for SE. However, existing PTMs that operate on individual code tokens suffer from several limitations: They are costly to train and fine-tune;and they rely heavily on labeled data for fine-tuning on task-specific datasets. In this paper, we present TransformCode, a novel framework that learns code embeddings in a contrastive learning manner. Our framework is encoder-agnostic and language-agnostic, which means that it can leverage any encoder model and handle any programming language. We also propose a novel data-augmentation technique called abstract syntax tree (AST) transformation, which applies syntactic and semantic transformations to the original code snippets, to generate more diverse and robust samples for contrastive learning. Our framework has several advantages over existing methods: (1) It is flexible and adaptable, because it can easily be extended to other downstream tasks that require code representation (such as code-clone detection and classification);(2) it is efficient and scalable, because it does not require a large model or a large amount of training data, and it can support any programming language;(3) it is not limited to unsupervised learning, but can also be applied to some supervised learning tasks by incorporating task-specific labels or objectives;and (4) it can also adjust the number of encoder parameters based on computing resources. We evaluate our framework on several code-related tasks, and demonstrate its effectiveness and superiority over the state-of-the-art methods such as SourcererCC, Code2vec, and InferCode.

关键词： Codes Task analysis Self-supervised learning Syntactics Semantics Vectors Training Code embedding transformer abstract syntax tree contrastive learning

来源：评论

学校读者我要写书评

暂无评论

Cross-project defect prediction via semantic and syntactic encoding

引用

EMPIRICAL SOFTWARE ENGINEERING 2024年第4期29卷 80-80页

作者： Jiang, Siyu Chen, Yuwen He, Zhenhang Shang, Yunpeng Ma, Le Guangdong Univ Foreign Studies Sch Informat Sci & Technol Guangzhou Key Lab Multilingual Intelligent Proc Guangzhou Peoples R China Guangdong Univ Foreign Studies Guangzhou Peoples R China Guangzhou City Univ Technol Guangzhou Peoples R China

Cross-Project Defect Prediction (CPDP) is a promising research field that focuses on detecting defects in projects with limited labeled data by utilizing prediction models trained on projects with abundant data. However, previous CPDP approaches based on abstract syntax tree (AST) have often encountered challenges in effectively acquiring semantic and syntactic information, resulting in their limited ability to combine both productively. This issue arises primarily from the practice of flattening the AST into a linear sequence in many AST-based methods, leading to the loss of hierarchical syntactic structure and structural information within the code. Besides, other AST-based methods use a recursive way to traverse the tree-structured AST, which is susceptible to gradient vanishing. To alleviate these concerns, we introduce a novel CPDP method named defect prediction via Semantic and Syntactic Encoding (SSE) that enhances Zhang's approach by encoding semantic and syntactic information while retaining and considering AST structure. Specifically, we perform pre-training on a large corpus using a language model to learn semantic information. Next, we present a new rule for splitting AST into subtrees to avoid vanishing gradients. Then, the absolute paths originating from the root node and leading to the leaf nodes are encoded as hierarchical syntactic information. Finally, we design an encoder to integrate syntactic information into semantic information and leverage Bi-directional Long-Short Term Memory to learn the entire tree representation for prediction. Experimental results on 12 benchmark projects illustrate that the SSE method we proposed surpasses current state-of-the-art methods.

关键词： Cross project defect prediction Semantic and syntactic information abstract syntax tree Software reliability

来源：评论

学校读者我要写书评

暂无评论

Detecting Malicious JavaScript Using Structure-Based Analysis of Graph Representation

引用

IEEE ACCESS 2023年 11卷 102727-102745页

作者： Rozi, Muhammad Fakhrur Ban, Tao Ozawa, Seiichi Yamada, Akira Takahashi, Takeshi Kim, Sangwook Inoue, Daisuke Natl Inst Informat & Commun Technol Koganei 1848795 Japan Kobe Univ Elect & Elect Engn Dept Kobe 6578501 Japan Kobe Univ Ctr Math & Data Sci Kobe 6578501 Japan

Malicious JavaScript code in web applications poses a significant threat as cyber attackers exploit it to perform various malicious activities. Detecting these malicious scripts is challenging, given their diverse nature and the continuous evolution of attack techniques. Most approaches formulate this task as a static or sequential feature of the script, which is insufficient in terms of flexibility to various attack techniques and the ability to capture the script's semantic meaning. To address this issue, we propose an alternative approach that leverages JavaScript code's abstract syntax tree (AST) representation, focusing on distinctive syntactic structure features. The proposed approach uses graph neural networks to extract structural features from the AST graph while considering the attribute features of individual nodes, which uses neural message passing with neighborhood aggregation. The proposed method encodes both the local AST graph structure and attributes of the nodes. It enables capturing the source code's semantic meaning and exploits the signature structure in the AST representations. The proposed method consistently achieved high detection performance in extensive experiments on two different datasets, with accuracy scores of 99.4% and 96.92%. The obtained evaluation metrics demonstrate the effectiveness of our approach in accurately detecting malicious JavaScript code, with our proposed method successfully detecting more than 81% for various attack types and achieving an almost twofold performance improvement on JS-Droppers compared to the sequence-based approach. In addition, we observed that the AST graph structure represented the code's semantic meaning, exhibiting distinctive patterns and signatures that could be effectively captured using the proposed method.

关键词： abstract syntax tree cyber security graph neural network malicious JavaScript detection source code representation

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：