a comparison of code similarity analyzers
play

A Comparison of Code Similarity Analyzers C. Ragkhitwetsagul, J. - PowerPoint PPT Presentation

Nov 20, 2023 •207 likes •526 views

A Comparison of Code Similarity Analyzers C. Ragkhitwetsagul, J. Krinke, D. Clark SCAM 16, EMSE (under reviewed) 1 Photo: https://c1.staticflickr.com/1/316/31831180223_38db905f28_c.jpg When source code is copied and modified, which

  1. A Comparison of Code Similarity Analyzers C. Ragkhitwetsagul, J. Krinke, D. Clark SCAM ’16, EMSE (under reviewed) 1 Photo: https://c1.staticflickr.com/1/316/31831180223_38db905f28_c.jpg

  2. “When source code is copied and modified, which code similarity detection techniques or tools get the most accurate results?” 2

  3. Bellon et al. (TSE 2007) Roy et al. (Sci Comp Prog. 2009) Hage et al. (CSERC 2010) Biegel et al. (MSR ’11) 3

  4. The selected tools are limited to only a subset of 1 clone or plagiarism detectors 
 (and their parameters). 2 The results are based on di ff erent data sets. 4

  5. 30 tools 5

  6. Pervasive Modifications From: https://www.princeton.edu/pr/pub/integrity/pages/plagiarism/ /* ORIGINAL */ /* PERVASIVELY MODIFIED CODE */ private static int partition 
 private static int partition (Comparable[] a, int lo, int hi) { 
 ( int [] bob, int left, int right){ 
 int i = lo; 
 int x = left; 
 int j = hi+1; 
 int y = right+1; 
 Comparable v = a[lo]; 
 for (;;) { 
 while ( true ) { 
 while ( less (bob[left],bob[--y])) 
 while ( less (a[++i], v)) { 
 if (y == left) break ; 
 if (i == hi) break ; 
 while ( less (bob[++x],bob[left])) 
 } 
 if (x == right) break ; 
 while ( less (v, a[--j])) { 
 if (x >= y) break ; 
 if (j == lo) break ; 
 swap (bob, y, x); 
 } 
 } 
 if (i >= j) break ; 
 swap (bob, y, left); 
 exch (a, i, j); 
 return y; 
 } 
 } exch (a, lo, j); 
 return j; 
 } SW Plagiarism clone evolution refactoring 6

  7. 7

  8. pervasively to be used in modified code detection phase bytecode source pervasively modified code decompilers compiler obfuscator obfuscator ARTIFICE original ProGuard Krakatau javac BubbleSort.java EightQueens.java Procyon GuessWord.java TowerOfHanoi.java InfixConverter.java Kapreka_Tran.java MagicSquare.java RailRoadCar.java SLinkedList.java SqrtAlgorithm.java 8

  9. Boiler-Plate Code Flores E., Rosso P ., Moreno L., Villatoro-Tello E. (2014) Detection of SOurce COde re-use (SOCO). http://users.dsic.upv.es/grupos/nle/soco/ 9

  10. Parameter Settings 10 Jonathan H. Ward (Wikipedia CC BY-SA 3.0)

  11. 11

  12. Similarity Report InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ Sqrt/ Sqrt/ … Squr/ Squr/ orig artfc orig orig orig orig artfc artfc artfc artfc orig artfc artfc artfc no no pg pg no no pg pg pg pg kraka procy kraka procy kraka procy kraka procy kraka procy tau on tau on tau on tau on tau on InfConv/orig 100 55 36 63 32 43 34 60 31 43 20 20 … 14 17 InfConv/artifice 55 100 35 54 33 39 37 56 32 39 19 30 … 14 17 InfConv/orig_no_krakatau 36 35 100 38 60 26 80 35 59 26 13 14 … 28 17 InfConv/orig_no_procyon 63 54 38 100 34 58 37 80 34 58 21 20 … 15 21 InfConv/orig_pg_krakatau 32 33 60 34 100 33 61 33 82 33 17 17 … 29 20 InfConv/orig_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 InfConv/artific_no_krakatau 34 37 80 37 61 26 100 36 59 26 14 14 … 28 17 InfConv/artifice_no_procyon 60 56 35 80 33 59 36 100 32 59 19 20 … 15 19 InfConv/artifice_pg_krakatau 31 32 59 34 82 33 59 32 100 33 15 16 … 28 17 InfConv/artifice_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 Sqrt/orig 20 19 13 21 17 19 14 19 15 19 100 32 … 14 16 Sqrt/artifice 20 30 14 20 17 20 14 20 16 20 32 100 … 15 18 … … … … … … … … … … … … … … … … Square/artifice_pg_krakatau 14 14 28 15 29 14 28 15 28 14 14 15 … 100 32 Square/artifice_pg_procyon 17 17 17 21 20 21 17 19 17 21 16 18 … 32 100 12

  13. Similarity Threshold = 50 InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ Sqrt/ Sqrt/ … Squr/ Squr/ orig artfc orig orig orig orig artfc artfc artfc artfc orig artfc artfc artfc no no pg pg no no pg pg pg pg kraka procy kraka procy kraka procy kraka procy kraka procy tau on tau on tau on tau on tau on InfConv/orig 100 55 36 63 32 43 34 60 31 43 20 20 … 14 17 InfConv/artifice 55 100 35 54 33 39 37 56 32 39 19 30 … 14 17 InfConv/orig_no_krakatau 36 35 100 38 60 26 80 35 59 26 13 14 … 28 17 InfConv/orig_no_procyon 63 54 38 100 34 58 37 80 34 58 21 20 … 15 21 InfConv/orig_pg_krakatau 32 33 60 34 100 33 61 33 82 33 17 17 … 29 20 InfConv/orig_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 InfConv/artific_no_krakatau 34 37 80 37 61 26 100 36 59 26 14 14 … 28 17 InfConv/artifice_no_procyon 60 56 35 80 33 59 36 100 32 59 19 20 … 15 19 InfConv/artifice_pg_krakatau 31 32 59 34 82 33 59 32 100 33 15 16 … 28 17 InfConv/artifice_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 Sqrt/orig 20 19 13 21 17 19 14 19 15 19 100 32 … 14 16 Sqrt/artifice 20 30 14 20 17 20 14 20 16 20 32 100 … 15 18 … … … … … … … … … … … … … … … … Square/artifice_pg_krakatau 14 14 28 15 29 14 28 15 28 14 14 15 … 100 32 Square/artifice_pg_procyon 17 17 17 21 20 21 17 19 17 21 16 18 … 32 100 13

  14. Best Threshold 1.00 F-measure = 0.8282 0.75 F-measure 0.50 0.25 31 0.00 0 5 10 15 20 25 30 35 40 45 50 55 60 65 70 75 80 85 90 95 100 Threshold Value (T) 14

  15. Optimal Configuration Best Param Settings Best Threshold Pervasive: 14,880,000 pairwise comparisons SOCO: 99,816,528 pairwise comparisons Icons made by Freepik from www.flaticon.com is licensed by Creative Commons BY 3.0 15

  16. ccfx deckard Clone 
 iclones det. nicad simian jplag-java jplag-text Plag 
 plaggie det. sherlock simjava simtext 7zncd-BZip2 7zncd-Deflate 7zncd-Deflate2 Pervasive 7zncd-LZMA 7zncd-Deflate64 Mod. 7zncd-PPMd bzip2ncd gzipncd Comp. icd ncd-bzlib ncd-zlib xz-ncd bsdiff diff Others difflib fuzzywuzzy jellyfish ngram cosine F1 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1

  17. ccfx deckard Clone 
 iclones det. nicad simian jplag-java jplag-text Plag 
 plaggie det. sherlock simjava simtext 7zncd-BZip2 7zncd-Deflate 7zncd-Deflate2 Boiler- 7zncd-LZMA 7zncd-Deflate64 Plate 7zncd-PPMd bzip2ncd gzipncd Comp. icd ncd-bzlib ncd-zlib xz-ncd bsdiff diff Others difflib fuzzywuzzy jellyfish ngram cosine F1 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1

  18. Highly specialised source code similarity detection techniques and tools can perform better than more general, compression & textual similarity measures. Interesting: difflib and fuzzywuzzy. Icons made by Freepik from www.flaticon.com is licensed by Creative Commons BY 3.0 18

  19. Optimal Configurations CCFX’s Precision vs. Recall Measure Value ccfx’s params b t Precision 1.00 19 7, 8, 9 Recall 0.98 5 12 19

  20. CCFX Optimal Config. 20

  21. b = 5, t = 11, 12 b = 19, t = 7, 8, 9 21

  22. Pervasive Boiler- Plate Mod.

  23. The optimal configurations derived from one data set has a detrimental impact on the similarity detection results for another data set. Cbuckley, Jpowell on en.wikipedia Icons made by Freepik from www.flaticon.com is licensed by Creative Commons BY 3.0 23

  24. javac Krakatau Procyon Normalisation by Decompilation Pervasively modified Normalisation Normalised code code Decompile Compile 24

  25. ccfx deckard Clone 
 iclones det. nicad simian jplag-java jplag-text plaggie Plag 
 det. sherlock simjava simtext 7zncd-BZip2 7zncd-Deflate 7zncd-Deflate2 Orig. 7zncd-LZMA 7zncd-LZMA2 7zncd-PPMd Dec. bzip2ncd gzipncd Comp. icd ncd-bzlib ncd-zlib xz-ncd bsdiff diff Others py-difflib py-fuzzywuzzy py-jellyfish py-ngram py-sklearn 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 1 F1 F1

  26. Compilation and decompilation can be used as an effective normalisation method that greatly improves similarity detection on Java source code (with statistical significance) IWSC ‘17 Icons made by Freepik from www.flaticon.com is licensed by Creative Commons BY 3.0 26

  27. Ranked Results Only Top k Results ccfx jplag-java fuzzywuzzy difflib ncd-bzlib jplag-text bzip2ncd simjava simian gzipncd gzipncd ncd-zlib ncd-zlib sherlock jplag-text 7zncd-Deflate64 7zncd-PPMd 7zncd-Deflate xzncd fuzzywuzzy 0.8 0.85 0.9 0.95 1 0.8 0.85 0.9 0.95 1 Mean Average Precision (MAP) Mean Average Precision (MAP) Pervasive Mod. Boiler-Plate 27

  28. Distribution of tool’s F1 scores vs. pervasive mod. type Original Obfuscator Decompiler O = original K = Krakatau A = Artifice (source) Pc = Procyon Pg = ProGuard (bytecode) 28

  29. F1 Score 0.1—0.4 0.4—0.6 0.6—0.8 0.8—1.0 O A K Pc Pg Pg A A A A Tool K Pc K Pc Pg Pg K Pc ccfx deckard iclones nicad simian Original jplag-java jplag-text O = original plaggie sherlock simjava Obfuscator simtext 7zncd-BZip2 A = Artifice (source) 7zncd-Deflate 7zncd-Deflate2 Pg = ProGuard 
 7zncd-LZMA (bytecode) 7zncd-LZMA2 7zncd-PPMd bzip2ncd Decompiler gzipncd icd K = Krakatau ncd-zlib Pc = Procyon ncd-bzlib xzncd bsdi ff di ff di ffl ib fuzzywuzzy jellyfish ngram cosine

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Program Code Analyzers Agenda The Problem Dynamic and Static Tools Examples of

Program Code Analyzers Agenda The Problem Dynamic and Static Tools Examples of

Generic Programming and Library Development The Problems Presentation on Program Code Analyzers Dynamic and Static Tools May 18 th 2007 Examples of Tools Program Code Analyzers Agenda The Problem Dynamic and Static Tools

388 views • 13 slides
Usage Of dCache Resilient Pools for User Code Distribution Recap Analyzers and some

Usage Of dCache Resilient Pools for User Code Distribution Recap Analyzers and some

Usage Of dCache Resilient Pools for User Code Distribution Recap Analyzers and some production groups lost access to a subset of their frequently changing code located on Bluearc and have to download files from dCache scratch area. The

213 views • 5 slides
CloPlag A Study of Effects of Code Obfuscation to Code Similarity Detection Tools Chaiyong

CloPlag A Study of Effects of Code Obfuscation to Code Similarity Detection Tools Chaiyong

CloPlag A Study of Effects of Code Obfuscation to Code Similarity Detection Tools Chaiyong Ragkhitwetsagul, Jens Krinke, Albert Cabr Juan Cloned Code vs Plagiarised Code A result from source code Created in a similar way as code

479 views • 31 slides
Sequence comparison: Significance of similarity scores

Sequence comparison: Significance of similarity scores

Sequence comparison: Significance of similarity scores http://faculty.washington.edu/jht/GS559_2013/ Genome 559: Introduction to Statistical and Computational Genomics Prof. James H. Thomas Review How to compute and use a score matrix.

209 views • 17 slides
We were talking about similarity, sequence comparison and alignment. HOW DOES IT WORK ?

We were talking about similarity, sequence comparison and alignment. HOW DOES IT WORK ?

We were talking about similarity, sequence comparison and alignment. HOW DOES IT WORK ? The high end solution Use the most sensible, most powerful, and best trainable tool available ... ... your eyes A T A T T G C A A

565 views • 45 slides
New UPM analyzers & smart kits Power analyzers for energy control in industrial environment

New UPM analyzers & smart kits Power analyzers for energy control in industrial environment

New UPM analyzers & smart kits Power analyzers for energy control in industrial environment for CTs (UPM209 UPM309) for DIRECT connection up to 80A (UPM209) for ROGOWSKI coils (UPM209RGW UPM309RGW) 1 NEW UPM ANALYZERS UPM209 UPM309

260 views • 10 slides
Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical

Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical

Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical and Computational Genomics Prof. James H. Thomas Review How to compute and use a score matrix. log-odds of sum-of-pair counts vs. expected

296 views • 26 slides
Cross-species comparison of GO annotations : advantages and limitations of semantic similarity

Cross-species comparison of GO annotations : advantages and limitations of semantic similarity

Cross-species comparison of GO annotations : advantages and limitations of semantic similarity measures O. Dameron, C. Bettembourg, L. Joret U936 Conceptual modeling of biomedical knowledge Universit de Rennes 1, France

467 views • 44 slides
Similarity of 2D images: An application to the forensic comparison of shoe outsole impressions

Similarity of 2D images: An application to the forensic comparison of shoe outsole impressions

Similarity of 2D images: An application to the forensic comparison of shoe outsole impressions Soyoung Park, Ph.D and Alicia Carriquiry,Ph.D CSAFE/Iowa State University March, 11,2019 1/29 Acknowledgements Thanks to, Dr. Hariharan K.

627 views • 29 slides
Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical

Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical

Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical and Computational Genomics Prof. James H. Thomas Are these proteins related? SEQ 1: RVVNLVPS--FWVLDATYKNYAINYNCDVTYKLY NO (score = 9) L P W L

607 views • 24 slides
Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical

Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical

Sequence comparison: Significance of similarity scores Genome 559: Introduction to Statistical and Computational Genomics Prof. James H. Thomas The null hypothesis We are interested in characterizing the distribution of scores from

343 views • 15 slides
Code Similarity via Natural Language Descriptions Meital Ben Sinai & Eran Yahav Technion

Code Similarity via Natural Language Descriptions Meital Ben Sinai & Eran Yahav Technion

www.like2drops.com Code Similarity via Natural Language Descriptions Meital Ben Sinai & Eran Yahav Technion Israel Institute of Technology Off the Beaten Track, Jan 2015 1/30 OBT'15 - Code Similarity via Natural Language Descriptions

401 views • 39 slides
Sequence Comparison: Significance of similarity scores Genome 373 Genomic Informatics Elhanan

Sequence Comparison: Significance of similarity scores Genome 373 Genomic Informatics Elhanan

Sequence Comparison: Significance of similarity scores Genome 373 Genomic Informatics Elhanan Borenstein Review Local alignment algorithm: Global alignment algorithm: Smith-Waterman . Needleman-Wunsch . Are these proteins related? The

499 views • 21 slides
Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly

Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly

SemEval 2014 Task-3 Cross-Level Semantic Similarity MultiJEDI ERC 259234 Semantic Similarity Semantic Similarity Mostly focused on similar types of lexical items Semantic Similarity What if we have different types of inputs? CLSS:

971 views • 47 slides
Document Clustering: Comparison of Similarity Measures Shouvik Sachdeva Bhupendra Kastore

Document Clustering: Comparison of Similarity Measures Shouvik Sachdeva Bhupendra Kastore

Introduction Methodology Related Work The End Document Clustering: Comparison of Similarity Measures Shouvik Sachdeva Bhupendra Kastore Indian Institute of Technology, Kanpur CS365 Project, 2014 Introduction Methodology Related Work The

729 views • 33 slides
1 So, similarity is not a Boolean notion It is Similarity Are they similar? relatively

1 So, similarity is not a Boolean notion It is Similarity Are they similar? relatively

Ranking Ordering according to the degree of some fuzzy notions: Ranking and Preference in Similarity (or dissimilarity) Relevance Database Search: Preference Q a) Similarity and Relevance Kevin Chen-Chuan Chang ranking 2

544 views • 16 slides
Demographic and Economic Trends in Rural America John Cromartie Geographer, ERS-USDA Tom Hertz

Demographic and Economic Trends in Rural America John Cromartie Geographer, ERS-USDA Tom Hertz

Demographic and Economic Trends in Rural America John Cromartie Geographer, ERS-USDA Tom Hertz Economist, ERS-USDA Lorin Kusmin Economist, ERS-USDA Presentation for HUD Rural Gateway Peer-to-Peer Call September 28, 2016 The views

226 views • 18 slides
The German Honeynet Project A short overview Thorsten Holz & Markus Koetter UNIVERSITT

The German Honeynet Project A short overview Thorsten Holz & Markus Koetter UNIVERSITT

The German Honeynet Project A short overview Thorsten Holz & Markus Koetter UNIVERSITT MANNHEIM Pi1 - Laboratory for Dependable Distributed Systems Outline GenIII honeynets Google Hack Honeypots (GHH) nepenthes / mwcollect

476 views • 19 slides
IDR as a Deflation Method Gerard Sleijpen Department of Mathematics

IDR as a Deflation Method Gerard Sleijpen Department of Mathematics

Netherlands-Japan, NLA2012, Delft, April 10, 2012 IDR as a Deflation Method Gerard Sleijpen Department of Mathematics http://www.staff.science.uu.nl/ sleij101/ Gerard Sleijpen Joint work with Martin van Gijzen Delft University of

940 views • 64 slides
Comparison of Projection Methods TU Berlin derived from Deflation, Domain Deflation Comparison

Comparison of Projection Methods TU Berlin derived from Deflation, Domain Deflation Comparison

DD, MG and Deflation Reinhard Nabben Comparison of Projection Methods TU Berlin derived from Deflation, Domain Deflation Comparison Decomposition and Multigrid Methods Deflation vs. additive coarse grid corrections Deflation vs

1.12k views • 37 slides
Scaling Apache for LAMP bud@thinkcube.com | twitter @geekaholic The folk story is that Apache was

Scaling Apache for LAMP bud@thinkcube.com | twitter @geekaholic The folk story is that Apache was

9/3/11 11:15 AM Scaling Apache for LAMP bud@thinkcube.com | twitter @geekaholic The folk story is that Apache was named after "A-patchy-server", which was the result of NCSA httpd server being patched a lot. The project was started by

537 views • 8 slides
A KRYLOV-SCHUR-TYPE ALGORITHM FOR EIGENPROBLEMS WITH HAMILTONIAN SPECTRAL SYMMETRY Peter Benner

A KRYLOV-SCHUR-TYPE ALGORITHM FOR EIGENPROBLEMS WITH HAMILTONIAN SPECTRAL SYMMETRY Peter Benner

A KRYLOV-SCHUR-TYPE ALGORITHM FOR EIGENPROBLEMS WITH HAMILTONIAN SPECTRAL SYMMETRY Peter Benner Professur Mathematik in Industrie und Technik Fakult at f ur Mathematik Technische Universit at Chemnitz RANMEP2008 National Tsinghua

1.19k views • 79 slides
Numerical algorithms for large-scale Hamiltonian eigenproblems Peter Benner Professur Mathematik

Numerical algorithms for large-scale Hamiltonian eigenproblems Peter Benner Professur Mathematik

Numerical algorithms for large-scale Hamiltonian eigenproblems Peter Benner Professur Mathematik in Industrie und Technik Fakult at f ur Mathematik Technische Universit at Chemnitz joint work with Heike Fabender (TU Braunschweig),

921 views • 60 slides
Reassessing Trends in U.S. Top Income Shares: The Role of Population and Productivity Growth

Reassessing Trends in U.S. Top Income Shares: The Role of Population and Productivity Growth

Reassessing Trends in U.S. Top Income Shares: The Role of Population and Productivity Growth Carla Krolage*, Andreas Peichl*, Daniel Waldenstr om** *ifo institute, LMU **Paris School of Economics & IFN, Stockholm WID conference,

410 views • 22 slides

More recommend