cloplag
play

CloPlag A Study of Effects of Code Obfuscation to Code Similarity - PowerPoint PPT Presentation

Apr 08, 2023 •168 likes •479 views

CloPlag A Study of Effects of Code Obfuscation to Code Similarity Detection Tools Chaiyong Ragkhitwetsagul, Jens Krinke, Albert Cabr Juan Cloned Code vs Plagiarised Code A result from source code Created in a similar way as code

  1. CloPlag A Study of Effects of Code Obfuscation to Code Similarity Detection Tools Chaiyong Ragkhitwetsagul, Jens Krinke, Albert Cabré Juan

  2. Cloned Code vs Plagiarised Code A result from source code Created in a similar way as code • • reuse by copying and pasting clones but with different intention [maybe with some Source code plagiarism violates • modifications] academic regulations Segments of code which are • Oracle vs Google law suit 2 • identical or similar Code maintenance and • management In some cases, code cloning • may violate software license 1 [1] A. Monden, S. Okahara, Y. Manabe, and K. Matsumoto, “Guilty or Not Guilty: Using Clone Metrics to Determine Open Source Licensing Violations,” IEEE Software, vol. 28, no. 2, pp. 42–47, 2011. [2] http://www.mondaq.com/unitedstates/x/271942/ 2

  3. What is Obfuscation? • Modifying a program while preserving its semantics • Can be achieved at 2 levels: Source code • Byte code • 3

  4. Research Questions RQ1: how do current detection tools perform against code obfuscation? RQ2: what is the best parameter settings and similarity threshold of each tool? RQ3: how do compilation and decompilation facilitate the detection process? RQ4: can we apply the best parameters and threshold to other datasets effectively? 4

  5. Overview of the Empirical Study • Java programs are obfuscated at: Source code level • Byte code level • Combination of both • • Several similarity detection tools are applied to the data set • Varying the settings and threshold of each tool • Measure performance of each tool 5

  6. Tools Obfuscators Decompilers Detectors ARTIFICE Procyon Clone ProGuard Krakatau SW plagiarism Compression Others 6

  7. Obfuscators ARTIFICE ProGuard • Bytecode level Source code level • Renaming, changing loops & • Rename classes, fields, • conditional statements, variables to short, meaningless changing increment/ decrement statements Schulze, S., & Meyer, D. (2013). On the robustness of clone detection to code obfuscation. 2013 7th International Workshop on Software Clones (IWSC) 7

  8. Detectors Clone detectors Plagiarism detectors CCFinderX JPlag iClones Sherlock, Plaggie Simian, NiCad Sim Deckard ncd-bzlib diff, bsdiff 7zncd-BZip2 py-difflib Inclusion py-sklearn.cosine_similarity Compression Others * Totally 21 tools ** All tools have to report similarity values (0 - 100) 8

  9. Test Case 1 • RQ1: how do current detection tools perform against code obfuscation? • RQ2: what is the best parameter settings and similarity threshold of each tool? • A series of small Java programs InfixConverter SqrtAlgorithm Hanoi Queens MagicSquare 9

  10. Test Data Preparation obfuscated to be used in source code detection phase bytecode source obfuscated code decompilers obfuscator obfuscator compiler ARTIFICE ProGuard Procyon original javac Krakatau InfixConverter.java SqrtAlgorithm.java Hanoi.java Queens.java MagicSquare.java 10

  11. Similarity Calculation 5 sets Hanoi Detection tools original ccfx* similarity report jplag* obfuscated sim 10 files … /set py-difflib * Most tools have different parameter settings which can strongly affect the results 11

  12. Similarity Calculation for Unsupported Tools 0_orig.txt 0_orig 0_orig.xml GCF 0.8798 File Simian SimCal Converters 1_arti fj ce.x 1_arti fj ce.t ml 1_arti fj ce xt Tools using GCF 1 + SimCal include • Simian (textual report) • iClones (RCF format) • NiCad (XML report) • Deckard (textual report) [1] Wang, T., Harman, M., Jia, Y., & Krinke, J. (2013). Searching for Better Configurations: A Rigorous Approach to Clone Evaluation. FSE’13 12

  13. Similarity Report (ncd-bzlib) 13 InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ Sqrt/ Sqrt/ … Squr/ Squr/ orig artfc orig orig orig orig artfc artfc artfc artfc orig artfc artfc artfc no no pg pg no no pg pg pg pg kraka procy kraka procy kraka procy kraka procy kraka procy tau on tau on tau on tau on tau on InfConv/orig 100 55 36 63 32 43 34 60 31 43 20 20 … 14 17 InfConv/artifice 55 100 35 54 33 39 37 56 32 39 19 30 … 14 17 InfConv/orig_no_krakatau 36 35 100 38 60 26 80 35 59 26 13 14 … 28 17 InfConv/orig_no_procyon 63 54 38 100 34 58 37 80 34 58 21 20 … 15 21 InfConv/orig_pg_krakatau 32 33 60 34 100 33 61 33 82 33 17 17 … 29 20 InfConv/orig_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 InfConv/artific_no_krakatau 34 37 80 37 61 26 100 36 59 26 14 14 … 28 17 InfConv/artifice_no_procyon 60 56 35 80 33 59 36 100 32 59 19 20 … 15 19 InfConv/artifice_pg_krakatau 31 32 59 34 82 33 59 32 100 33 15 16 … 28 17 InfConv/artifice_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 Sqrt/orig 20 19 13 21 17 19 14 19 15 19 100 32 … 14 16 Sqrt/artifice 20 30 14 20 17 20 14 20 16 20 32 100 … 15 18 … … … … … … … … … … … … … … … … Square/artifice_pg_krakatau 14 14 28 15 29 14 28 15 28 14 14 15 … 100 32 Square/artifice_pg_procyon 17 17 17 21 20 21 17 19 17 21 16 18 … 32 100

  14. ncd-bzlib with similarity threshold = 50 14 InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ Sqrt/ Sqrt/ … Squr/ Squr/ orig artfc orig orig orig orig artfc artfc artfc artfc orig artfc artfc artfc no no pg pg no no pg pg pg pg kraka procy kraka procy kraka procy kraka procy kraka procy tau on tau on tau on tau on tau on InfConv/orig 100 55 36 63 32 43 34 60 31 43 20 20 … 14 17 InfConv/artifice 55 100 35 54 33 39 37 56 32 39 19 30 … 14 17 InfConv/orig_no_krakatau 36 35 100 38 60 26 80 35 59 26 13 14 … 28 17 InfConv/orig_no_procyon 63 54 38 100 34 58 37 80 34 58 21 20 … 15 21 InfConv/orig_pg_krakatau 32 33 60 34 100 33 61 33 82 33 17 17 … 29 20 InfConv/orig_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 InfConv/artific_no_krakatau 34 37 80 37 61 26 100 36 59 26 14 14 … 28 17 InfConv/artifice_no_procyon 60 56 35 80 33 59 36 100 32 59 19 20 … 15 19 InfConv/artifice_pg_krakatau 31 32 59 34 82 33 59 32 100 33 15 16 … 28 17 InfConv/artifice_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 Sqrt/orig 20 19 13 21 17 19 14 19 15 19 100 32 … 14 16 Sqrt/artifice 20 30 14 20 17 20 14 20 16 20 32 100 … 15 18 … … … … … … … … … … … … … … … … Square/artifice_pg_krakatau 14 14 28 15 29 14 28 15 28 14 14 15 … 100 32 Square/artifice_pg_procyon 17 17 17 21 20 21 17 19 17 21 16 18 … 32 100

  15. ncd-bzlib with similarity threshold = 25 15 InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ InfC/ Sqrt/ Sqrt/ … Squr/ Squr/ orig artfc orig orig orig orig artfc artfc artfc artfc orig artfc artfc artfc no no pg pg no no pg pg pg pg kraka procy kraka procy kraka procy kraka procy kraka procy tau on tau on tau on tau on tau on InfConv/orig 100 55 36 63 32 43 34 60 31 43 20 20 … 14 17 InfConv/artifice 55 100 35 54 33 39 37 56 32 39 19 30 … 14 17 InfConv/orig_no_krakatau 36 35 100 38 60 26 80 35 59 26 13 14 … 28 17 InfConv/orig_no_procyon 63 54 38 100 34 58 37 80 34 58 21 20 … 15 21 InfConv/orig_pg_krakatau 32 33 60 34 100 33 61 33 82 33 17 17 … 29 20 InfConv/orig_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 InfConv/artific_no_krakatau 34 37 80 37 61 26 100 36 59 26 14 14 … 28 17 InfConv/artifice_no_procyon 60 56 35 80 33 59 36 100 32 59 19 20 … 15 19 InfConv/artifice_pg_krakatau 31 32 59 34 82 33 59 32 100 33 15 16 … 28 17 InfConv/artifice_pg_procyon 43 39 26 58 33 100 26 59 33 100 19 20 … 14 21 Sqrt/orig 20 19 13 21 17 19 14 19 15 19 100 32 … 14 16 Sqrt/artifice 20 30 14 20 17 20 14 20 16 20 32 100 … 15 18 … … … … … … … … … … … … … … … … Square/artifice_pg_krakatau 14 14 28 15 29 14 28 15 28 14 14 15 … 100 32 Square/artifice_pg_procyon 17 17 17 21 20 21 17 19 17 21 16 18 … 32 100

  16. 1. Best threshold (T) • Find the “best threshold (T)” of each tool with a specific parameter setting • Calculate a sum of false positive and false negative (FP + FN) of all thresholds • Choose T with the minimum false results BestThreshold = {T|Min(FP T + FN T )} 16

  17. Threshold selection Best threshold = 31 (FP+FN=166) F-measure Threshold TP FP TN FN FP+FN Precision Recall (F1) 31 400 66 1934 100 166 0.8583690 0.8 0.828157 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Design and Analysis of Algorithms (CS6161) Syllabus University of Virginia Professor Gabriel

Design and Analysis of Algorithms (CS6161) Syllabus University of Virginia Professor Gabriel

Design and Analysis of Algorithms (CS6161) Syllabus University of Virginia Professor Gabriel Robins Course description : Analyzes concepts in algorithm design, problem solving strategies, proof techniques, complexity analysis, upper and lower

180 views • 3 slides
Detecting Multi-Word Expressions " using Supervised ML Methods 1 Name: Yaakov

Detecting Multi-Word Expressions " using Supervised ML Methods 1 Name: Yaakov

Detecting Multi-Word Expressions " using Supervised ML Methods 1 Name: Yaakov HaCohen-Kerner Affiliation: Jerusalem College of Technology, Jerusalem, Israel WG3: Statistical, Hybrid and Multilingual Processing of MWEs 5 2014

3.25k views • 3 slides
How much do new students learn about information literacy in their first months of college? A

How much do new students learn about information literacy in their first months of college? A

How much do new students learn about information literacy in their first months of college? A comparison of nursing and teacher education students at a Norwegian university Library IL-courses Searching Evaluating and citing sources

834 views • 23 slides
Paraphrasing vs. Plagiarism rev ised : 0 3.0 4.13 | | English 1301: Com position I || D. Glen Sm

Paraphrasing vs. Plagiarism rev ised : 0 3.0 4.13 | | English 1301: Com position I || D. Glen Sm

Paraphrasing vs. Plagiarism rev ised : 0 3.0 4.13 | | English 1301: Com position I || D. Glen Sm ith, instructor 1 Paraphrasing vs. Plagiarism Research papers m ake students nervous. There are m any w ays to unintentionally create im proper

259 views • 12 slides
Programplagiarism-detection with Marble Jurriaan Hage (jur@cs.uu.nl) Department of Information

Programplagiarism-detection with Marble Jurriaan Hage (jur@cs.uu.nl) Department of Information

Programplagiarism-detection with Marble 1 / 33 Programplagiarism-detection with Marble Jurriaan Hage (jur@cs.uu.nl) Department of Information and Computing Sciences, Universiteit Utrecht P.O.Box 80.089, 3508 TB Utrecht, The Netherlands April

583 views • 29 slides
NOT SORRY FOR DOING IT, BUT VERY SORRY FOR GETTING CAUGHT: DEALING WITH

NOT SORRY FOR DOING IT, BUT VERY SORRY FOR GETTING CAUGHT: DEALING WITH

NOT SORRY FOR DOING IT, BUT VERY SORRY FOR GETTING CAUGHT: DEALING WITH PLAGIARISM IN THE ASIA PACIFIC CLASSROOM Presented by Contribu5ng author LEANDA CARE YVONNE MCNULTY Partner,

338 views • 18 slides
Word Embeddings Prof. Srijan Kumar with Arindum Roy and Roshan Pati 1 Srijan Kumar, Georgia

Word Embeddings Prof. Srijan Kumar with Arindum Roy and Roshan Pati 1 Srijan Kumar, Georgia

CSE 6240: Web Search and Text Mining. Spring 2020 Word Embeddings Prof. Srijan Kumar with Arindum Roy and Roshan Pati 1 Srijan Kumar, Georgia Tech, CSE6240 Spring 2020: Web Search and Text Mining Administrivia Homework: Will be released

898 views • 69 slides
Advances in Programming Languages APL2: Coursework assigment topics Ian Stark School of

Advances in Programming Languages APL2: Coursework assigment topics Ian Stark School of

Advances in Programming Languages APL2: Coursework assigment topics Ian Stark School of Informatics The University of Edinburgh Thursday 14 January 2010 Semester 2 Week 1 N I V E U R S E I H T T Y O H F G R E

768 views • 22 slides
Crediting Sources Lectures 6 Lucia Milone LUISS Guido Carli, Rome April 7th, 2014 Plagiarism

Crediting Sources Lectures 6 Lucia Milone LUISS Guido Carli, Rome April 7th, 2014 Plagiarism

Plagiarism Quotation Paraphrasing In-text Citation Reference List Crediting Sources Lectures 6 Lucia Milone LUISS Guido Carli, Rome April 7th, 2014 Plagiarism Quotation Paraphrasing In-text Citation Reference List References for this

659 views • 25 slides
Welcome to the EIU Graduate Programs Master of Science in Technology Master of Science in

Welcome to the EIU Graduate Programs Master of Science in Technology Master of Science in

Welcome to the EIU Graduate Programs Master of Science in Technology Master of Science in Sustainable Energy Fall Semester 2015 EIU IU School of f Technology Master of Science in Technology Graduate Certification Programs Computer

565 views • 8 slides
plagiarism detection system Andrzej Sobecki, Marcin Kpa IKC 2017 Plagiarism detection problem

plagiarism detection system Andrzej Sobecki, Marcin Kpa IKC 2017 Plagiarism detection problem

Improving performance of a plagiarism detection system Andrzej Sobecki, Marcin Kpa IKC 2017 Plagiarism detection problem Text documents unstructured form Finding a potential source documents based on the suspected document

531 views • 13 slides
Devlin Chapter 1 Discussion, Plagiarism Examples Math 100, Fall 2013 Instructor: Robert Ellis,

Devlin Chapter 1 Discussion, Plagiarism Examples Math 100, Fall 2013 Instructor: Robert Ellis,

Devlin Chapter 1 Discussion, Plagiarism Examples Math 100, Fall 2013 Instructor: Robert Ellis, Applied Mathematics Illinois Institute of Technology PSA During class, please refrain from: Texting Instant messaging Using facebook

435 views • 18 slides
Renewable Resources 480 Experimental Design & Data Analysis in Environmental Sciences

Renewable Resources 480 Experimental Design & Data Analysis in Environmental Sciences

Renewable Resources 480 Experimental Design & Data Analysis in Environmental Sciences Univariate Statistics and Data Management with R Something about me Laura Gray Post-doctoral Fellow www.ualberta.ca/~lkgray BSc in Mathematics,

453 views • 19 slides
CS 309: Autonomous Intelligent Robotics Instructor: Jivko Sinapov

CS 309: Autonomous Intelligent Robotics Instructor: Jivko Sinapov

CS 309: Autonomous Intelligent Robotics Instructor: Jivko Sinapov http://www.cs.utexas.edu/~jsinapov/teaching/cs309_spring2017/ Overview of the Class Quick Intro Syllabus Class Goals Policies and Procedures Class Web Page

293 views • 25 slides
Language and Computers Unsupervised Learning Features & Classifying Documents Evidence

Language and Computers Unsupervised Learning Features & Classifying Documents Evidence

Language and Computers Classifying Documents Introduction Language Identification Machine Learning Supervised Learning Language and Computers Unsupervised Learning Features & Classifying Documents Evidence Measuring sucess

800 views • 45 slides
ETHICS Prita Pant Dept. of Metallurgical Engineering and Materials Science, IIT Bombay Ethics

ETHICS Prita Pant Dept. of Metallurgical Engineering and Materials Science, IIT Bombay Ethics

ETHICS Prita Pant Dept. of Metallurgical Engineering and Materials Science, IIT Bombay Ethics are? ( used with a singular or plural verb ) a system of moral principles. the rules of conduct recognized in respect to a particular class

346 views • 10 slides
Automated Detection of Plagiarism based on Whitespace and History Markus Ongyerth December 4,

Automated Detection of Plagiarism based on Whitespace and History Markus Ongyerth December 4,

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Automated Detection of Plagiarism based on Whitespace and History Markus Ongyerth December 4, 2017 Chair of Network Architectures and

681 views • 20 slides
Executive MBA Academic Standards & Policies Academic Standards & Grading Scale

Executive MBA Academic Standards & Policies Academic Standards & Grading Scale

Executive MBA Academic Standards & Policies Academic Standards & Grading Scale Academic Standards Form will be signed and A = 4.00 To be in good submitted by each new student. academic standing, A- = 3.67 Outlines

311 views • 5 slides
Pre Prese sente nter Di Diana Wo Wood odwo worth, Fi Financ ancial Aid d Coordinato

Pre Prese sente nter Di Diana Wo Wood odwo worth, Fi Financ ancial Aid d Coordinato

GSI GSI Ori Orientati entation n Winter 2 Winter 2018 Pre Prese sente nter Di Diana Wo Wood odwo worth, Fi Financ ancial Aid d Coordinato ator, dianaw anaw@umich.e .edu Introdu oduction ons Your Your name name Your

639 views • 28 slides
ATS 2017 Call for Abstracts Instructions for Title, Type, Category and Presentation Preference Add

ATS 2017 Call for Abstracts Instructions for Title, Type, Category and Presentation Preference Add

ATS 2017 Call for Abstracts Instructions for Title, Type, Category and Presentation Preference Add Title Although there are limitations to the text formatting of the abstract title, submitters can still include the following by using the toolbar

490 views • 19 slides
61A Lecture 36 Big Data : A buzzword used to describe data sets so large that they reveal

61A Lecture 36 Big Data : A buzzword used to describe data sets so large that they reveal

MapReduce MapReduce is a framework for batch processing of Big Data. What does that mean? Framework : A system used by programmers to build applications. Batch processing : All the data is available at the outset, and results aren't used

166 views • 3 slides
infotexture Information Architecture & Content Strategy Roger W. Fienhold Sheen Agenda

infotexture Information Architecture & Content Strategy Roger W. Fienhold Sheen Agenda

Marking Down DITA DITA-OT Markdown plugins infotexture Information Architecture & Content Strategy Roger W. Fienhold Sheen Agenda Markdown Web Writing Simplified Mobile Authoring & Lightweight Content Markdown Meets DITA

264 views • 10 slides
A Theory of Aspects as Latent Topics t Pierre Baldi, Cristina Lopes, Erik Linstead, Sushil

A Theory of Aspects as Latent Topics t Pierre Baldi, Cristina Lopes, Erik Linstead, Sushil

A Theory of Aspects as Latent Topics t Pierre Baldi, Cristina Lopes, Erik Linstead, Sushil Bajracharya Donald Bren School of Information and Computer Science University of California, Irvine {pfbaldi,lopes,elinstea,sbajrach}@ics.uci.edu 1

669 views • 35 slides
Natural Language Processing CSCI 4152/6509 Lecture 4 About Course Project; Automata and

Natural Language Processing CSCI 4152/6509 Lecture 4 About Course Project; Automata and

Natural Language Processing CSCI 4152/6509 Lecture 4 About Course Project; Automata and Regular Expressions Instructor: Vlado Keselj Time and date: 09:3510:25, 14-Jan-2020 Location: Dunn 135 CSCI 4152/6509, Vlado Keselj Lecture 4 1 /

528 views • 15 slides

More recommend