a method to evaluate cfg comparison algorithms
play

A Method to Evaluate CFG Comparison Algorithms Patrick P.F. Chan - PowerPoint PPT Presentation

Nov 13, 2022 •136 likes •655 views

A Method to Evaluate CFG Comparison Algorithms Patrick P.F. Chan Christian Collberg Research problem Which CFG similarity algorithm is better? I come up with a new algorithm, how does it compare to the existing ones? Is there a

  1. A Method to Evaluate CFG Comparison Algorithms Patrick P.F. Chan Christian Collberg

  2. Research problem • Which CFG similarity algorithm is better? • I come up with a new algorithm, how does it compare to the existing ones? • Is there a systematic way to compare CFG similarity algorithms?

  3. Research outcomes • A methodology to evaluate and compare CFG similarity algorithms • Comparison results of four CFG similarity algorithms • A survey of existing CFG similarity algorithms • A publicly available evaluation framework

  4. What is CFG? • CFG stands for c ontrol- f low g raph • A CFG represents all possible execution paths of a function • And thus, it encodes its behavior

  5. Entry a = input() if a % 2 == 0 True False print print “odd” “even” Exit

  6. Why do we compare CFGs?

  7. Why do we compare CFGs? • Malware detection / classification CFGs of malware Match

  8. Why do we compare CFGs? • Software theft detection How similar? Original software Suspected pirated software

  9. Why do we compare CFGs? • Programming assignments grading How similar? Assignment Submission Solution

  10. Why do we compare CFGs? • Code clones detection How similar?

  11. Why do we compare CFGs? • Detection of changes between different versions of a program

  12. Why do we compare CFGs? • Detection of changes between different versions of a program Match the nodes of the enhanced CFGs

  13. This leads to many algorithms to compare CFGs…

  14. Let’s use two existing algorithms to compare these two CFGs 1 1 2 3 2 3 4 4 5 CFG A CFG B

  15. Algorithm 1 from Kruegel et al. • Extract subgraphs that have k nodes (k-subgraphs) from CFGs and match them

  16. 1 1 2 3 2 3 4 4 5 CFG A CFG B 1 1 1 1 1 2 2 2 2 2 3 2 3 4 5 4 5 4 No match!

  17. Algorithm 2 from Hu et al. • Approximates the minimum number of edit operations needed to transform one graph into another graph

  18. 1 1 2 3 2 3 4 4 5 CFG A CFG B Cost of matching nodes Cost of deleting nodes in CFG A Cost of matching node 1 of CFG A to node 1 of Cost of deleting CFG B node 4 of CFG B Cost of deleting node 1 of CFG B Cost of matching dummy Cost of deleting nodes in CFG B nodes

  19. 1 1 2 3 2 3 4 4 5 CFG A CFG B Total cost = 5

  20. And there are many other algorithms… • Algorithm from Vujosˇevic ́ -Janicˇic ́ et al. iteratively builds a similarity matrix between the nodes of the two CFGs, based on the similarity of their neighbor • Algorithm from Sokolsky et al. models the control flow graphs using Labeled Transition Systems (LTS)

  21. But which one is the best?

  22. Evaluation of CFG similarity algorithms • Start by generating CFGs G 1 , G 2 ,...,G i with increasing edit distances with respect to a seed CFG G 0 • i.e. ED(G 0 ,G i ) = i • Use the algorithm under evaluation to rank the CFGs such that the higher is the similarity score between G i and G 0 given by that algorithm, the higher G i is ranked • Get a “goodness score” for the algorithm by comparing the ranking it produces to the ground truth ⟨ G 1 , G 2 , G 3 ,... ⟩ , using ranking correlation algorithms such as sortedness or Pearson correlation

  23. Example G 0

  24. Example G 1 ED = 1 G 0 ED = 2 ED = 3 G 2 G 3

  25. Example G 1 ED = 1 G 0 ED = 2 ED = 3 G 2 G 3 Ranking: ⟨ G 1 , G 2 , G 3 ⟩

  26. Example G 1 G 1 Sim A = 0.4 ED = 1 G 0 G 0 Sim A = 0.8 ED = 2 Sim A = 0.1 G 3 ED = 3 G 2 G 2 G 3 Ranking: ⟨ G 1 , G 2 , G 3 ⟩

  27. Example G 1 G 1 Sim A = 0.4 ED = 1 G 0 G 0 Sim A = 0.8 ED = 2 Sim A = 0.1 G 3 ED = 3 G 2 G 2 G 3 Ranking: ⟨ G 1 , G 2 , G 3 ⟩ Ranking: ⟨ G 3 , G 1 , G 2 ⟩

  28. Example G 1 G 1 Sim A = 0.4 ED = 1 G 0 G 0 Sim A = 0.8 ED = 2 Sim A = 0.1 G 3 ED = 3 G 2 G 2 G 3 Pearson correlation = -0.5 Ranking: ⟨ G 1 , G 2 , G 3 ⟩ Ranking: ⟨ G 3 , G 1 , G 2 ⟩

  29. Two questions remain… 1. What is the definition of the edit distance between two CFGs? 2. How to generate those CFGs such that they have increasing edit distances with the seed CFG G 0 ?

  30. What is the definition of the edit distance between two CFGs? • The Graph Edit Distance is a function ED : (G i , G j ) → N that computes the smallest number of edit operations needed to transform Gi into Gj. • There are four possible edit operations

  31. What is the definition of the edit distance between two CFGs? • Add a zero-degree node 1 1 2 3 2 3 4

  32. What is the definition of the edit distance between two CFGs? • Add an edge between two existing nodes 1 1 2 3 2 3 4 4

  33. What is the definition of the edit distance between two CFGs? • Delete an edge between two existing nodes 1 1 2 3 2 3 4 4

  34. What is the definition of the edit distance between two CFGs? • Delete a zero-degree node 1 1 2 3 2 4 4

  35. How to generate those CFGs such that they have increasing edit distances with the seed CFG G0? a b c d G 0

  36. How to generate those CFGs such that they have increasing edit distances with the seed CFG G0? a b c d Add Delete Node Edge Add Add Edge Edge a a a a e b c b c b c b c d d d d For every possible edit operation that can be applied to G 0 , apply that and generate a new graph

  37. How to generate those CFGs such that they have increasing edit distances with the seed CFG G0? Obtain the Do the same for the Edit Distance Graph (EDG) newly generated graphs

  38. How to generate those CFGs such that they have increasing edit distances with the seed CFG G0? a b c d Add Delete Node Edge Add Add Edge Edge a a a a e b c b c b c b c d d d d Add Add Edge Edge a Randomly pick a CFG on b c each level and they d become our G 1 , G 2 , G 3 ,…

  39. Implementation • Re-coded four CFG similarity algorithms in Python • Implemented the evaluation framework • Generated an EDG with five levels • Picked 100 test cases (each test case comprises five CFGs)

  40. Evaluation results

  41. Evaluation results

  42. Evaluation results

  43. Evaluation results

  44. Evaluation results “Goodness score” statistics of the four algorithms

  45. Evaluation results Time used by the four algorithms to finish 100 test cases

  46. Related work • An evaluation framework for text plagiarism detection • Generate artificial plagiarism cases • Shuffling, removing, inserting, or replacing words or short phrases at random

  47. Related work • An evaluation framework for code clone detection tools • Inject mutated code fragments into the code base

  48. Future work • Generate CFGs with instructions in the nodes Edit instructions => huge EDG

  49. Try our framework • http://cfgsim.cs.arizona.edu/ • Evaluate existing algorithms • Compare your own algorithm with the others • Fine tune your algorithm

  50. Summary • A methodology to evaluate CFG similarity algorithms • Publicly available evaluation framework • Serves as a benchmark for CFG similarity algorithms users / researchers

  51. Thank you!

Recommend

Comparison of the TDCR method and the CIEMAT/NIST method for the activity determination of beta

Comparison of the TDCR method and the CIEMAT/NIST method for the activity determination of beta

Comparison of the TDCR method and the CIEMAT/NIST method for the activity determination of beta emitting nuclides Ole Nhle and Karsten Kossert Physikalisch-Technische Bundesanstalt (PTB), Braunschweig, Germany LSC 2010, Advances in Liquid

604 views • 26 slides
Outline Analysis of Algorithms Definition Aggregate Method Accounting Method

Outline Analysis of Algorithms Definition Aggregate Method Accounting Method

Outline Analysis of Algorithms Definition Aggregate Method Accounting Method Amortized Analysis Potential Method Examples : Binary Counter and Dynamic Table http://www.cp.eng.chula.ac.th/faculty/spj Cost of A Sequence of

332 views • 14 slides
Outline Analysis of Algorithms Definition Aggregate Method Accounting Method

Outline Analysis of Algorithms Definition Aggregate Method Accounting Method

Outline Analysis of Algorithms Definition Aggregate Method Accounting Method Amortized Analysis Potential Method Examples : Binary Counter and Dynamic Table http://www.cp.eng.chula.ac.th/faculty/spj Cost of A Sequence of

379 views • 21 slides
Algorithms in Bioinformatics: A Practical Introduction Phylogenetic Tree comparison and

Algorithms in Bioinformatics: A Practical Introduction Phylogenetic Tree comparison and

Algorithms in Bioinformatics: A Practical Introduction Phylogenetic Tree comparison and Consensus Trees Phylogenetic Tree comparison Why tree comparison? Different phylogenies are resulted using different Kind of data (different

1.2k views • 95 slides
Whats the Difference? Comparison of the Army MEC Risk Management Method and the MEC HA Method

Whats the Difference? Comparison of the Army MEC Risk Management Method and the MEC HA Method

Global Leader in Munitions Response Whats the Difference? Comparison of the Army MEC Risk Management Method and the MEC HA Method April 3, 2019 Detection. Remediation. Destruction. www.naoc.org Global Leader in Munitions Response Agenda

670 views • 18 slides
Algorithms (2IL15) Lecture 2 THE GREEDY METHOD y x w v 1 TU/e Algorithms (2IL15)

Algorithms (2IL15) Lecture 2 THE GREEDY METHOD y x w v 1 TU/e Algorithms (2IL15)

TU/e Algorithms (2IL15) Lecture 2 Algorithms (2IL15) Lecture 2 THE GREEDY METHOD y x w v 1 TU/e Algorithms (2IL15) Lecture 2 Optimization problems for each instance there are (possibly) multiple valid solutions

442 views • 30 slides
SATURN 2008 Architecture Evaluation: Experiences in Using SEI ATAM ATAM method to evaluate a

SATURN 2008 Architecture Evaluation: Experiences in Using SEI ATAM ATAM method to evaluate a

SATURN 2008 Architecture Evaluation: Experiences in Using SEI ATAM ATAM method to evaluate a software testing automation solution Authors: Fernando Enobi Reginaldo Arakaki 1 Conceptual Flow of the ATAM Business Quality Scenarios

279 views • 11 slides
Statistical Comparison of Algorithms Part II Leandro L. Minku University of Birmingham, UK

Statistical Comparison of Algorithms Part II Leandro L. Minku University of Birmingham, UK

Statistical Comparison of Algorithms Part II Leandro L. Minku University of Birmingham, UK Overview Recap of the general idea underlying statistical hypothesis tests. What to compare? Two algorithms on a single problem instance.

1.53k views • 122 slides
2020-07-29_SHPWG_Issue1-Themes Address Calibrate, dynamics of Review the Evaluate Evaluate

2020-07-29_SHPWG_Issue1-Themes Address Calibrate, dynamics of Review the Evaluate Evaluate

2020-07-29_SHPWG_Issue1-Themes Address Calibrate, dynamics of Review the Evaluate Evaluate the Evaluate Evaluate evaluate, and habitat, outcomes of sediments Consider Evaluate flow path and COIs for the temperatures validate the

665 views • 43 slides
Algorithms and Architecture I Sorting in Linear Time 1 Linear Sort? But... Best algorithms

Algorithms and Architecture I Sorting in Linear Time 1 Linear Sort? But... Best algorithms

Algorithms and Architecture I Sorting in Linear Time 1 Linear Sort? But... Best algorithms so far perform in (n lg n) . They are comparison sorts. Comparison sorts need at least (n lg n) . Previous algorithms were optimal .

72 views • 6 slides
Algorithms for Compact Letter Displays: Comparison and Evaluation Jens Gramm 1 Jiong Guo 1 uffner

Algorithms for Compact Letter Displays: Comparison and Evaluation Jens Gramm 1 Jiong Guo 1 uffner

Introduction Algorithms Experiments Summary Algorithms for Compact Letter Displays: Comparison and Evaluation Jens Gramm 1 Jiong Guo 1 uffner 1 Falk H Rolf Niedermeier 1 Hans-Peter Piepho 2 Ramona Schmid 3 1 Friedrich-Schiller-Universit

729 views • 40 slides
Comparison Sorting II A comparison function (consistent and total) Effect: Reorganize the

Comparison Sorting II A comparison function (consistent and total) Effect: Reorganize the

2/28/2016 The comparison sorting problem Assume we have n comparable elements in an array and we want to rearrange them to be in increasing order Input: CSE373: Data Structures and Algorithms An array A of data records A key value in

458 views • 6 slides
An objective method to measure and evaluate the quality of sanded wood surfaces L. Gurau 1

An objective method to measure and evaluate the quality of sanded wood surfaces L. Gurau 1

The Future of Quality Control for Wood & Wood Products, 4-7 th May 2010, Edinburgh The Final Conference of COST Action E53 An objective method to measure and evaluate the quality of sanded wood surfaces L. Gurau 1 Abstract No agreed

419 views • 9 slides
A New Practical Intracerebral Hematoma Volume Calculation Method and Comparison to simple ABC/2

A New Practical Intracerebral Hematoma Volume Calculation Method and Comparison to simple ABC/2

A New Practical Intracerebral Hematoma Volume Calculation Method and Comparison to simple ABC/2 F.Cuce , G. Tulum, O. Dandin, T. Ergin, O. Karadas, O. Osman Gulhane Education and Training Hospital, Department of Radiology, Ankara, Turkey

526 views • 20 slides
How fast can we sort? All the sorting algorithms we have seen so far are comparison sorts : only

How fast can we sort? All the sorting algorithms we have seen so far are comparison sorts : only

CS 3343 -- Spring 2009 How fast can we sort? All the sorting algorithms we have seen so far are comparison sorts : only use comparisons to determine the relative order of elements. E.g ., insertion sort, merge sort, quicksort, heapsort. The

290 views • 14 slides
USING REINFORCEMENT LEARNING A Comparison of Q-Learning and SARSA Algorithms

USING REINFORCEMENT LEARNING A Comparison of Q-Learning and SARSA Algorithms

ADAPTIVE POWER MANAGEMENT OF ENERGY HARVESTING SENSOR NODES USING REINFORCEMENT LEARNING A Comparison of Q-Learning and SARSA Algorithms

369 views • 33 slides
Exercise 7: Two-Steps Method Exercise 7: Two Steps Method FLUKA Advanced Course Exercise 7 -

Exercise 7: Two-Steps Method Exercise 7: Two Steps Method FLUKA Advanced Course Exercise 7 -

Exercise 7: Two-Steps Method Exercise 7: Two Steps Method FLUKA Advanced Course Exercise 7 - Layout Exercise 7 Goal Evaluate the contribution to the energy deposition in a Beam Loss Monitor (BLM) from direct losses inside a quadrupole,

195 views • 5 slides
Some applications of the method of moments in the analysis of algorithms Alois Panholzer

Some applications of the method of moments in the analysis of algorithms Alois Panholzer

The Method of Moments Example I Example II Example III Counterexample Some applications of the method of moments in the analysis of algorithms Alois Panholzer Institute of Discrete Mathematics and Geometry Vienna University of Technology

1.13k views • 112 slides
Goals for Today Learning Objective: Understand and evaluate disk scheduling algorithms

Goals for Today Learning Objective: Understand and evaluate disk scheduling algorithms

Goals for Today Learning Objective: Understand and evaluate disk scheduling algorithms Announcements, etc: Midterm scores and debrief this week (sorry!) MP2 extension: now due on March 25th (UTC-11) MP3 released March 27th

522 views • 23 slides
Efficient Method for Magnitude Comparison in RNS Based on Two Pairs of Conjugate Moduli Leonel

Efficient Method for Magnitude Comparison in RNS Based on Two Pairs of Conjugate Moduli Leonel

technology from seed Efficient Method for Magnitude Comparison in RNS Based on Two Pairs of Conjugate Moduli Leonel Sousa Instituto de Engenharia de Sistemas e Computadores Investigao e Desenvolvimento em Lisboa 1 ARITH 18 Montpellier

382 views • 17 slides
Tree Algorithms in Data Mining: Comparison of rpart and RWeka . . . and Beyond Achim Zeileis

Tree Algorithms in Data Mining: Comparison of rpart and RWeka . . . and Beyond Achim Zeileis

Tree Algorithms in Data Mining: Comparison of rpart and RWeka . . . and Beyond Achim Zeileis http://statmath.wu.ac.at/~zeileis/ Motivation For publishing new tree algorithms, benchmarks against established methods are necessary. When

279 views • 17 slides
Outline Comparison of Flow Routing Algorithms Used in Geographic Background Information

Outline Comparison of Flow Routing Algorithms Used in Geographic Background Information

Outline Comparison of Flow Routing Algorithms Used in Geographic Background Information Systems Hypotheses Study Area Fuzzy Classification Results Conclusions Christine Lam Yongxin Deng John Wilson University of

526 views • 6 slides
Performance and Stability Comparison of Vehicular Congestion Control Algorithms Presented by Ali

Performance and Stability Comparison of Vehicular Congestion Control Algorithms Presented by Ali

Performance and Stability Comparison of Vehicular Congestion Control Algorithms Presented by Ali Rostami A joint work with: Bin Cheng , Gaurav Bansal , Katrin Sjoberg Marco Gruteser and John Kenney Rutgers University, USA

539 views • 16 slides
Performance comparison of scheduling algorithms for IPTV traffic over Polymorphous OBS routers

Performance comparison of scheduling algorithms for IPTV traffic over Polymorphous OBS routers

Performance comparison of scheduling algorithms for IPTV traffic over Polymorphous OBS routers Jos e Alberto Hern andez V ctor L opez, Jos e Luis Garc a Dorado and Javier Aracil Networking Research Group Universidad Aut

201 views • 16 slides

More recommend