An application programming interface (API) usage specification, which includes the conditions, calling sequences, and semantic relationships of the API, is important for verifying its correct usage, which is in turn critical for ensuring the security and availability of the target program. However, existing techniques either mine the co-occurring relationships of multiple APIs without considering their semantic relationships, or they use data flow and control flow information to extract semantic beliefs on API pairs, which are difficult to incorporate when mining specifications for multiple APIs. Hence, we propose an API specification mining approach that efficiently extracts a relatively complete list of the API combinations and semantic relationships between APIs. This approach analyzes a target program in two stages. The first stage uses frequent API set mining based on frequent common API identification and filtration to extract the maximal set of frequent context-sensitive API sequences. In the second stage, the API relationship graph is constructed using three semantic relationships extracted from the symbolic path information, and the specifications containing semantic relationships for multiple APIs are mined. The experimental results on six popular open-source code bases of different scales show that the proposed two-stage approach not only yields better results than existing typical approaches, but can also effectively discover the specifications along with the semantic relationships for multiple APIs. Instance analysis shows that the analysis of security-related API call violations can assist in the cause analysis and patching of software vulnerabilities.
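To make the idea of frequent API set mining and API call violations concrete, here is an added example that is not taken from the paper: a plain Apriori-style miner over per-function API call sets, followed by a check for functions that omit one API of a mined set. The function names, call sets and thresholds are constructed, and the sketch covers only co-occurrence; it does not reproduce the paper's filtration step, context sensitivity, or the semantic relationships of its second stage.

```python
from itertools import combinations

# Constructed sample: APIs called by each function (all names hypothetical).
CALLS = {
    "load_cfg":  {"fopen", "fread", "fclose"},
    "save_cfg":  {"fopen", "fwrite", "fclose"},
    "read_key":  {"fopen", "fread", "fclose", "malloc", "free"},
    "copy_blob": {"malloc", "memcpy", "free"},
    "parse_hdr": {"malloc", "memcpy", "free", "fopen", "fclose"},
    "dump_log":  {"fopen", "fwrite"},    # never closes the file
    "make_buf":  {"malloc", "memcpy"},   # never frees the buffer
}

def support(calls, apis):
    """Number of functions whose call set contains every API in `apis`."""
    return sum(1 for called in calls.values() if apis <= called)

def maximal_frequent_sets(calls, min_support):
    """Level-wise (Apriori-style) mining, keeping only maximal frequent sets."""
    singles = {frozenset([a]) for called in calls.values() for a in called}
    level = [s for s in singles if support(calls, s) >= min_support]
    frequent = []
    while level:
        frequent.extend(level)
        grown = {a | b for a, b in combinations(level, 2) if len(a | b) == len(a) + 1}
        level = [c for c in grown if support(calls, c) >= min_support]
    return sorted((s for s in frequent if not any(s < t for t in frequent)), key=sorted)

def violations(calls, min_support, min_conf):
    """(function, missing API) pairs that break a mined co-occurrence rule."""
    found = set()
    for spec in maximal_frequent_sets(calls, min_support):
        if len(spec) < 2:
            continue  # a single API implies nothing about other calls
        for missing in spec:
            rest = spec - {missing}
            # Confidence of the rule "rest => missing".
            if support(calls, spec) / support(calls, rest) < min_conf:
                continue
            found.update((fn, missing) for fn, called in calls.items()
                         if rest <= called and missing not in called)
    return sorted(found)

if __name__ == "__main__":
    print(maximal_frequent_sets(CALLS, 3))
    print(violations(CALLS, 3, 0.75))
```

At a confidence threshold of 0.75 the check also reports `read_key` as missing `memcpy`, a candidate that co-occurrence counts alone cannot tell apart from the two real omissions.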