Comparison and evaluation of code clone detection techniques and tools: A qualitative approach

Over the last decade many techniques and tools for software clone detection have been proposed. In this paper, we provide a qualitative comparison and evaluation of the current state-of-the-art in clone detection techniques and tools, and organize the large amount of information into a coherent conceptual framework. We begin with background concepts, a generic clone detection process and an overall taxonomy of current techniques and tools. We then classify, compare and evaluate the techniques and tools in two different dimensions. First, we classify and compare approaches based on a number of facets, each of which has a set of (possibly overlapping) attributes. Second, we qualitatively evaluate the classified techniques and tools with respect to a taxonomy of editing scenarios designed to model the creation of Type-1, Type-2, Type-3 and Type-4 clones. Finally, we provide examples of how one might use the results of this study to choose the most appropriate clone detection tool or technique in the context of a particular set of goals and constraints. The primary contributions of this paper are: (1) a schema for classifying clone detection techniques and tools and a classification of current clone detectors based on this schema, and (2) a taxonomy of editing scenarios that produce different clone types and a qualitative evaluation of current clone detectors based on this taxonomy.     

Joint network-host based malware detection using information-theoretic tools

In this paper, we propose two joint network-host based anomaly detection techniques that detect self-propagating malware in real-time by observing deviations from a behavioral model derived from a benign data profile. The proposed malware detection techniques employ perturbations in the distribution of keystrokes that are used to initiate network sessions. We show that the keystrokes’ entropy increases and the session-keystroke mutual information decreases when an endpoint is compromised by a self-propagating malware. These two types of perturbations are used for real-time malware detection. The proposed malware detection techniques are further compared with three prominent anomaly detectors, namely the maximum entropy detector, the rate limiting detector and the credit-based threshold random walk detector. We show that the proposed detectors provide considerably higher accuracy with almost 100% detection rates and very low false alarm rates.     

A taxonomy of reasoning mechanisms and data synchronization framework for road excavation productivity monitoring

Project management tasks, such as productivity monitoring and cost estimation, require data to be fused from multiple data sources, which are typically spatial and temporal in nature. In order to fuse a pair of spatial and temporal data sources, a number of different types of reasoning mechanisms are needed. This paper presents a taxonomy of spatial and temporal reasoning mechanisms needed to fuse spatial and temporal data sources to support construction productivity monitoring. In addition, the paper also describes two different approaches (i.e., interpolation and nearest neighbor approaches) that can be used to synchronize the temporal and/or spatial data sources. The developed taxonomy has been validated based on representative queries of construction engineers and managers that are identified in previous research studies. The interpolation and nearest neighbor approaches have been validated with real and simulated construction data sources.     

Systematic classification of unsafe worker behavior

This paper describes a classification system or taxonomy of unsafe worker behaviors which can be used to provide a means of systematically categorizing the behavioral activities that potentially precede an accident.The taxonomy was evaluated in two industrial plants which contained a wide variety of industrial work tasks. The data were collected, using safety sampling procedures, over a 14 month period. Approximately 90% of the observations of worker behaviors were safe and only about 10% were classified as unsafe. About 73% of the unsafe worker behaviors were related to the worker, 22% were related to tools, equipment, or materials, and about 5% were related to materials handling equipment.The taxonomy and associated sampling techniques were successfully used to identify unsafe worker behaviors which required corrective actions. The techniques were also demonstrated to be applicable for purposes of research and safety performance evaluation.     

基于K-均值聚类的改进非选择算法研究

文章提出了一种基于K-均值聚类的改进非选择算法,其核心是对检测器集进行K-均值聚类,将检测器集分为多个子类,根据子类中心和待检测数据的亲和度选择若干个合适的子类进行实际检测。文中对算法的检测过程进行了分析,并给出了该算法用于入侵检测时的测试实验结果。实验结果表明,文章算法在检测速度上有明显改善。     

Action-oriented classification of families' information and communication actions: exploring mothers' viewpoints

Action-oriented service and technology development begins with the idea that people use technologies to reach their action goals. Consequently, we should investigate user needs and how they can be satisfied, and adapt services and technologies to the natural course of actions. Here, we focus on family communication and investigate mobile communication service types for families. For this study 10 mothers were interviewed; we investigated the nature of their everyday information and communication needs and the different knowledge and information transfer actions that were discovered in their families. Qualitative analysis of these interviews was used to generate a taxonomy, which, in turn, can help in providing enhanced individual services and family-centred design models.     

Acculock: accurate and efficient detection of data races

This paper introduces a new dynamic data race detector, ACCULOCK , to detect data races in Java programs. ACCULOCK is the first hybrid detector that combines lockset and epoch‐based happens‐before for race detection. ACCULOCK analyzes a program execution by reasoning about the subset of the happens‐before relation observed with lock acquires and releases excluded, thereby making it less sensitive to thread interleaving than pure happens‐before detectors. When this relaxed happens‐before relation is violated, ACCULOCK applies a new lockset algorithm to verify the locking discipline by distinguishing reads and writes, thereby making it more immune to false positives than pure lockset detectors. In addition, ACCULOCK is designed to achieve these design objectives by maintaining comparable instrumentation overheads (in both time and space) to that of FASTTRACK , the fastest happens‐before detector available (at least for Java programs). All these properties of ACCULOCK have been validated and confirmed by comparing it against FASTTRACK and five other (pure happens‐before, pure lockset, or hybrid) detectors, which are implemented in the Jikes Research Virtual Machine using a collection of large benchmark programs from a variety of applications. Furthermore, porting ACCULOCK and FASTTRACK to a different platform, RoadRunner, and repeating our experiments yield similar observations in terms of their effectiveness in race detection and instrumentation overheads. Copyright © 2012 John Wiley & Sons, Ltd.     

一种层次化的恶意代码行为分析方法

提出一种层次化的恶意代码行为分析方法,首先根据程序运行时的系统调用序列获取行为信息,然后分析其行为意图并作危害性评估。在行为检测部分,设计了行为检测算法,利用系统调用函数及其参数信息识别程序行为。在行为分析部分,总结了各种恶意行为对计算机系统造成的危害,利用攻击树原理建立恶意行为危害评估模型,并给出恶意代码危害性计算方法。     

一种基于协议分析和免疫原理的网络入侵检测模型

通过对协议分析技术和生物免疫系统的理论分析,本文提出一种新的基于协议分析和免疫原理的网络入侵检测模型。该模型对检测器集合按照协议类型分类,生成相应的检测器子集,并设计一种新的检测器结构,对检测器进一步分类。每个子集中检测器独自进行变异、进化,整个检测器集合以子集为单位进行更新。在实际检测中,待检模式与相应的检测器子集匹配,从而能有效地提高检测速度,改进以往模型在这方面的不足。     

The Importance of Active Exploration,Optical Flow,and Task Alignment for Spatial Learning in Desktop 3D Environments

The Decision Support Systems (DSS) field has grown rapidly, drawing technology from many disciplines and pursuing applications in a variety of domains but developing little underlying theoretical structure and poor linkage between research and practice. This article presents a classification scheme for DSS techniques that provides a common theoretical framework for DSS research and also structures and simplifies the process of designing application systems. The classification system is functional, grouping DSS techniques according to their ability to provide similar kinds of support (i.e., functions) to a human decision maker. It is also cognitively based, defining the kinds of support that decision makers need in terms of architectural features and procedural aspects of human cognition. The classification is expressed as a taxonomy, encompassing six primary classes of decision support techniques representing the six general kinds of cognitive support that human decision makers need. The six classes are process models, which assist in projecting the future course of complex processes; choice models, which support integration of decision criteria across aspects and/or alternatives; information control techniques, which help in storage, retrieval, organization, and integration of data and knowledge; analysis and reasoning techniques, which support application of problem-specific expert reasoning procedures; representation aids, which assist in expression and manipulation of a specific representation of a decision problem; and judgment amplification/refinement techniques, which help in quantification and debiasing of heuristic judgments. Additional distinctions are provided to distinguish the individual techniques in each of these primary categories. The taxonomy also has practical use as a design aid for decision support systems. The kinds of decision support needs represented by the taxonomy are general and can be used to guide the analysis and decomposition of a given decision prior to decision aid design. Specific needs for assistance can then be tied to specific computational techniques in the taxonomy. Methodological suggestions for using the taxonomy as a design aid are given.     

Fault detection in autonomous robots based on fault injection and learning

In this paper, we study a new approach to fault detection for autonomous robots. Our hypothesis is that hardware faults change the flow of sensory data and the actions performed by the control program. By detecting these changes, the presence of faults can be inferred. In order to test our hypothesis, we collect data from three different tasks performed by real robots. During a number of training runs, we record sensory data from the robots while they are operating normally and after a fault has been injected. We use back-propagation neural networks to synthesize fault detection components based on the data collected in the training runs. We evaluate the performance of the trained fault detectors in terms of number of false positives and time it takes to detect a fault. The results show that good fault detectors can be obtained. We extend the set of possible faults and go on to show that a single fault detector can be trained to detect several faults in both a robot’s sensors and actuators. We show that fault detectors can be synthesized that are robust to variations in the task, and we show how a fault detector can be trained to allow one robot to detect faults that occur in another robot.

高维数据环境下网络异常检测的改进否定选择算法

人工免疫中的否定选择算法目前已成功地应用于异常检测的低维数据集上,但在高维数据集上的效果不大理想。为了改善算法的性能,分析了现有否定选择算法在网络异常检测中的不足,对带变长检测器的否定选择算法进行了修改,提出了一种改进的否定选择算法,新算法中通过移动检测器控制检测器覆盖情况。仿真实验结果表明了改进算法在网络异常检测中高维数据集上的有效性,可以取得较高的检测率和较低的误报率。     

A survey of imperatives and action representation formalisms

Representation and reasoning of actions is a wide spread area in the domain of Artificial Intelligence. The representation involves natural language instructions, which are based on the linguistic concepts and the reasoning methodology deals with the logical structures. In the computational domain, several theories pertaining to the state-space approach have been proposed to represent and reason out actions. Considering these aspects, this paper provides an account of work from the viewpoint of linguistics, logic and action representation formalisms. Based on this study, this paper then proposes a seven axes categorization scheme, that can be used to compare and analyze different theories.     

GSOS算子下共变-异变模拟的公理刻画

进程的行为理论是进程演算研究的核心内容之一,其侧重于讨论进程间的行为等价和模拟关系。共变-异变模拟(Covariant-Contravariant Simulation,CC-模拟)的概念是对经典(互)模拟概念的推广,它通过区分动作类型,刻画了规范与实现对系统主动、被动和通讯动作在精化关系中的不同要求。行为关系的(前)同余性和公理刻画是进程演算代数特征的集中体现,它们对规范及实现的分析和推理至关重要。一般而言,行为关系(前)同余性的证明和公理系统的构造需要基于不同进程演算系统的结构化操作语义(Structural Operational Semantics,SOS)分别展开。为了避免这类研究工作中的重复劳动,学术界针对一般化SOS规则形式的元理论开展了研究,GSOS是其中被广泛研究的规则形式之一。文中在考量了动作类型的基础上,基于CC-模拟对GSOS规则形式做出扩充,提出了CC-GSOS规则类型,证明了CC-模拟相对于CC-GSOS算子具有前同余性,并给出了在这些算子下CC-模拟的可靠完备公理系统的一般性构造方法。     

Multi-class grasping classifiers using EEG data and a common spatial pattern filter

This paper describes the classification of various human actions from brain activity. In particular, we focus on grasping movements and estimate grasping patterns from electroencephalogram (EEG) data. EEG data is converted to grasping features by using a common spatial pattern filter (CSP filter), and the features are subsequently classified into grasping categories by using the k-nearest neighbor method. We tested the pipeline of feature extraction and classification on the EEG dataset. The EEG data were acquired while participants grasped an object according to the Cutkosky’s grasping taxonomy, in which grasping movements are categorized into nine power-type grasping patterns and seven precision-type grasping patterns. The best classification rate for 9-class power-type grasping patterns was 48% and for 7-class precision-type grasping patterns was 40%.     

描述逻辑的动态时序扩展*

在一些基于本体的动态应用中,需要描述组合动作和变化域的时间特性。为了对这类应用建模,通过整合动态时序逻辑和描述逻辑,提出一类描述逻辑扩展。分析了该类扩展的基本形式DLTLALC的语法和语义,并提出一种可终止的tableau算法判别DLTLALC公式可满足性。利用该类扩展,可以表达组合动作执行过程中域变化的时间特性,该类扩展为语义Web服务等动态应用建模和推理提供了一条有效途径。     

基于改进的动态神经网络的网络入侵检测模型

提出了一种改进型的动态神经网络,并成功地将其应用于网络入侵检测系统中。对于给定的全连接的动态神经网络,在通过学习以后可以成为部分连接的神经网络系统,从而降低了计算的成本。针对目前常见的4种不同类型的网络攻击行为（即DoS,Probe,R2L,和U2R）,利用给定的改进型的动态神经网络分别构建相对应的检测系统。然后使用改进的遗传算法对给定的动态神经网络的权值和开关参数进行调节,以适应不同类型的入侵检测。最后利用KDD’99网络入侵检测数据对所提出的网络入侵检测模型进行训练和测试,初步试验结果表明,所提出的入侵检测系统具有较高的检测率。