南方科技大学知识苑(SUSTech KC): Automated Patch Transplantation

题名	Automated Patch Transplantation
作者	Shariffdeen, Ridwan Salihin 1; Tan, Shin Hwei2 ; Gao, Mingyuan 1; Roychoudhury, Abhik 1
通讯作者	Tan, Shin Hwei
发表日期	2021
DOI	10.1145/3412376
发表期刊	ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY 影响因子和分区
ISSN	1049-331X
EISSN	1557-7392
卷号	30 期号:1
摘要	Automated program repair is an emerging area that attempts to patch software errors and vulnerabilities. In this article, we formulate and study a problem related to automated repair, namely automated patch transplantation. A patch for an error in a donor program is automatically adapted and inserted into a "similar" target program. We observe that despite standard procedures for vulnerability disclosures and publishing of patches, many un-patched occurrences remain in the wild. One of the main reasons is the fact that various implementations of the same functionality may exist and, hence, published patches need to be modified and adapted. In this article, we therefore propose and implement a workflow for transplanting patches. Our approach centers on identifying patch insertion points, as well as namespaces translation across programs via symbolic execution. Experimental results to eliminate five classes of errors highlight our ability to fix recurring vulnerabilities across various programs through transplantation. We report that in 20 of 24 fixing tasks involving eight application subjects mostly involving file processing programs, we successfully transplanted the patch and validated the transplantation through differential testing. Since the publication of patches make an tut-patched implementation more vulnerable, our proposed techniques should serve a long-standing need in practice.
关键词	Program repair code transplantation patch transplantation dynamic program analysis
相关链接	[来源记录]
收录类别	SCI ; EI
语种	英语
学校署名	通讯
资助项目	National Natural Science Foundation of China[61902170] ; Natural Science Foundation of Guangdong Province[2020A1515011494]
WOS研究方向	Computer Science
WOS类目	Computer Science, Software Engineering
WOS记录号	WOS:000612644100006
出版者	ASSOC COMPUTING MACHINERY
EI入藏号	20210509845556
EI主题词	Automation ; Errors ; Program translators
EI分类号	Computer Software, Data Handling and Applications:723 ; Automatic Control Principles and Applications:731
ESI学科分类	COMPUTER SCIENCE
来源库	Web of Science
引用统计	被引频次[WOS]：18
成果类型	期刊论文
条目标识符	http://sustech.caswiz.com/handle/2SGJ60CL/220999
专题	南方科技大学工学院_计算机科学与工程系
作者单位	1.Natl Univ Singapore, Singapore, Singapore 2.Southern Univ Sci & Technol, Shenzhen, Guangdong, Peoples R China
通讯作者单位	南方科技大学
推荐引用方式 GB/T 7714	Shariffdeen, Ridwan Salihin,Tan, Shin Hwei,Gao, Mingyuan,et al. Automated Patch Transplantation[J]. ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY,2021,30(1).
APA	Shariffdeen, Ridwan Salihin,Tan, Shin Hwei,Gao, Mingyuan,&Roychoudhury, Abhik.(2021).Automated Patch Transplantation.ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY,30(1).
MLA	Shariffdeen, Ridwan Salihin,et al."Automated Patch Transplantation".ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY 30.1(2021).