针对软件修复的相对相似性评价模型

Relative similarity evaluation model for software repair

下载PDF

导出

摘要利用软件修复的局部性和针对性,将行为观察序列相似性度量与软件修复过程本身相关联,引入相对相似性评价指标,建立软件修复相对相似性评价模型。该模型将修复验证问题转换为修复后行为相似性度量问题,克服了现有修复技术缺乏有效评价的缺点。在实验中分别对补丁和动态修复进行研究,对比了地址对序列、系统调用序列以及混杂序列,说明评价模型的工作方式,实验表明了该模型的有效性,同时说明了混杂序列具有更强的表达能力。 Combining behavior observation sequence and relations between the repair process and corresponding software,this paper introduced the RSEM（relative similarity evaluation model） for software repair according to the local characteristics.RSEM translated verification problem into a behavior similarity measure problem to overcome the shortcomings of existing technology for lack of an effective evaluation.In the experiment,studied patches and dynamics repair respectively.Comparing the use of pair-addresses,system call sequence,as well as mixed sequence illustrates the evaluation model works,and also shows the effectiveness of the model and the mixed sequences have a stronger ability to express the software behavior.

作者何加浪张琨孟锦张宏

机构地区南京理工大学计算机科学与技术学院

出处《计算机应用研究》 CSCD 北大核心 2011年第4期1410-1412,共3页 Application Research of Computers

基金国家自然科学基金资助项目(90718021) 自主科研专项计划资助项目(2010ZYTS035)

关键词软件修复验证相似性测度评价 software repair verification similarity measure evaluation

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献12

1NARAINE R. Faulty Microsoft update rekindles patch quality con-ceres[ EB/OL]. (2005-05-13) [2009-08-12]. http://www, eweek. corn/c/a/Security/Faulty -Microsoft -U palate-Rekindles-Patch-Quality- Concerns/.
2BEATTIE S, ARNOLD S, COWAN C, et al. Timing the application of security patches for optimal uptime[ C]//Proc of the 16th USENIX Conference on System Administration. Berkeley, CA: VSEN1X Association, 2002 : 233 - 242.
3SIDIROGLOU S, LAADAN O, PEREZ C, et al. ASSURE: automatic software self-healing using rescue points[ C]//Proc of the 14th International Conference on Architectural Support for Programming Languages and Operating Systems. New York : ACM,2009 : 37- 48.
4QIN F, TUCEK J, SUNDARESAN J, et al. Rx: treating bugs as allergies-a safe method to survive software failures[ J ]. ACM Trans on Computer Systems,2007,25 ( 3 ) :235- 248.
5SIDIROGLOU S', LOCASTO M E, BOYD S W, et al. Building a reactive immune system for software services [ C ]//Proc of the 2005 USENIX Annual Technical Conference. Berkeley, CA:VSENIX Association ,2005 : 149-161.
6BARRETT R, MAGL|O'P P, KANDOGAN E, et al. Usable autonomic computing systems: the administrator' s perspective [ J ]. Advanced Enginee-ring Informatics,2005,19(3) :213-221.
7COOK J E, DAGE J A. Highly reliable upgrading of components [ C ]//Proc of the 21 st International Conference on Software Engineer2 ing. New York : ACM, 1999:203- 212.
8TUCEK J, XIONG W, ZHOU Y. Efficient online validation with delta execution[ J]. ACM SIGPLAN Notices,2009,44(3 ) :193-204.
9SATHRE J, ZAMBRENO J. Automated software attack recovery using rollback and huddle [J]. Springer Journal of Design Automation for Embedded Systems,2008,12 ( 3 ) :243- 260.
10LOCASTO M E, STAVROU A, CRETU G F. Life after self-healing: assessing post-repair program behavior, Tech Report GMU-CS-TR-2008- 3 [ R ]. Virginia : Department of Computer Science, George Ma- son University ,2008.

二级参考文献15

1Aleph One. Smashing the stack for fun and profit[J]. Phrack, 1996,7(49) : 14 - 15.
2David Wagner,Jeffrey S.Foster, et al.A first step towards automated detection of buffer overrun vulnerabilities [ A ]. In Pro-ceedings of Network and Distributed System Security Sympo-sium[ C]. San Diego: Intemet Society Press, 2000.
3Olatunji Ruwase, Monica S I.am. A practical dynamic buffer overflow detectorl AI .In Proceedings of the llth An-nual Network and Distributed System Security Symposium [ C ]. SanDiego: Intemet Society Press,2004. 159 - 169.
4"Solar Designer". Non-Executable User Stack [ DB/OL ].http://www, false, com/secufity/linux-stack/, 2006-05-11/2006-05-11.
5C Cowan,C Pu, D Maier, J Walpole,et al. Stack-guard: automatic adaptive detection and prevention of buffer-overflow attacks[A] .In Proceedings of the 7th USENIX Security Conference[ C]. San Antonio: USENIX Press, 1998.63 - 78.
6Stephanie Forrest, Steven A. Hofmeyr, et al. A Sense of Self for Unix Processes[ A] .In proceedings of the IEEE Sympo-sium on Research in Security and Privacy [ C ]. Los Alamitos: IEEE Computer Society Press, 1996.120- 128.
7Hofmeyr SA, Forrest S,et al. A. Intrusion detection using sequences of system calls [ J ]. Journal of Computer Security,1998,6(3) : 151 - 180.
8D Wagner,D Dean. Intntsion detection via static analysis[ A].In IEEE Symposium on Security and Privacy[C]. Oakland:IEEE. Computer Society Press,2001. 156 - 169.
9H H Feng, Jonathon T Giffin, et al. Formalizing sensitivity in static analysis for intrusion detection[A]. In IEEE Sym-posium on Security and Privacy[C]. Oakland: IEEE Computer Society Press, 2004. 194-208.
10D Wagner, Paolo Soto. Mimicry attacks on host-based intrusion detection systems [ A ].Conference on Computer and Communications Security [ C ]. New York, NY: ACM Press,2002. 255 - 264.

共引文献4

1葛毅,茅兵,谢立.基于内存更新记录的漏洞攻击错误定位方法[J].计算机科学,2009,36(1):252-255. 被引量：2
2陈平,韩浩,沈晓斌,殷新春,茅兵,谢立.基于动静态程序分析的整形漏洞检测工具[J].电子学报,2010,38(8):1741-1747. 被引量：7
3陈平,邢骁,辛知,王逸,茅兵,谢立.基于封装结构随机化的程序保护方法[J].计算机研究与发展,2011,48(12):2227-2234. 被引量：2
4朱雪梅,王兴起,方景龙,王大全.二进制程序整型符号转换缺陷的动态检测方法[J].计算机工程与应用,2015,51(18):56-61.

1王谨.数码照片的修复[J].北京宣武红旗业余大学学报,2005(3):36-37.
2360安全卫士无法使用[J].电脑爱好者（普及版）,2011(A02):46-46.
3怎样简单修复IE故障[J].数码时代,2008(10):137-137.
4电脑解毒大法[J].中国职工教育,2002,0(2):30-30.
5陈晓军.借助Usboot软件修复TF卡[J].电脑知识与技术（经验技巧）,2013(1):29-29.
6万勇.电脑硬盘常见故障的判断与处理[J].黑龙江科技信息,2009(27):91-91.
7杨炯.用GHOST软件修复硬盘故障[J].电脑迷,2003,0(8):27-27.
8Explorer进程无法自动加载[J].电脑爱好者,2005(9):81-81.
9借助工具软件修复Word文档[J].电脑爱好者,2004(16):111-111.
10李健.轻松修复Word乱码文档[J].软件指南,2006(11):24-24.

计算机应用研究

2011年第4期

浏览历史

内容加载中请稍等...

针对软件修复的相对相似性评价模型

参考文献12

二级参考文献15

共引文献4

相关作者

相关机构

相关主题

浏览历史