| 1. |
- Bousse, Erwan, et al.
(author)
-
Omniscient debugging for executable DSLs
- 2018
-
In: Journal of Systems and Software. - : ELSEVIER SCIENCE INC. - 0164-1212 .- 1873-1228. ; 137, s. 261-288
-
Journal article (peer-reviewed)abstract
- Omniscient debugging is a promising technique that relies on execution traces to enable free traversal of the states reached by a model (or program) during an execution. While a few General-Purpose Languages (GPLs) already have support for omniscient debugging, developing such a complex tool for any executable Domain Specific Language (DSL) remains a challenging and error prone task. A generic solution must: support a wide range of executable DSLs independently of the metaprogramming approaches used for implementing their semantics; be efficient for good responsiveness. Our contribution relies on a generic omniscient debugger supported by efficient generic trace management facilities. To support a wide range of executable DSLs, the debugger provides a common set of debugging facilities, and is based on a pattern to define runtime services independently of metaprogramming approaches. Results show that our debugger can be used with various executable DSLs implemented with different metaprogramming approaches. As compared to a solution that copies the model at each step, it is on average sixtimes more efficient in memory, and at least 2.2 faster when exploring past execution states, while only slowing down the execution 1.6 times on average.
|
|
| 2. |
|
|
| 3. |
- Rodriguez-Cancio, Marcelino, et al.
(author)
-
Approximate Loop Unrolling
- 2019
-
In: CF '19 - PROCEEDINGS OF THE 16TH ACM INTERNATIONAL CONFERENCE ON COMPUTING FRONTIERS. - New York, NY, USA : ASSOC COMPUTING MACHINERY. ; , s. 94-105
-
Conference paper (peer-reviewed)abstract
- We introduce Approximate Unrolling, a compiler loop optimization that reduces execution time and energy consumption, exploiting code regions that can endure some approximation and still produce acceptable results. Specifically, this work focuses on counted loops that map a function over the elements of an array. Approximate Unrolling transforms loops similarly to Loop Unrolling. However, unlike its exact counterpart, our optimization does not unroll loops by adding exact copies of the loop's body. Instead, it adds code that interpolates the results of previous iterations.
|
|
| 4. |
- Alferez, Mauricio, et al.
(author)
-
Modeling variability in the video domain : language and experience report
- 2019
-
In: Software quality journal. - : Springer. - 0963-9314 .- 1573-1367. ; 27:1, s. 307-347
-
Journal article (peer-reviewed)abstract
- In an industrial project, we addressed the challenge of developing a software-based video generator such that consumers and providers of video processing algorithms can benchmark them on a wide range of video variants. This article aims to report on our positive experience in modeling, controlling, and implementing software variability in the video domain. We describe how we have designed and developed a variability modeling language, called VM, resulting from the close collaboration with industrial partners during 2 years. We expose the specific requirements and advanced variability constructs; we developed and used to characterize and derive variations of video sequences. The results of our experiments and industrial experience show that our solution is effective to model complex variability information and supports the synthesis of hundreds of realistic video variants. From the software language perspective, we learned that basic variability mechanisms are useful but not enough; attributes and multi-features are of prior importance; meta-information and specific constructs are relevant for scalable and purposeful reasoning over variability models. From the video domain and software perspective, we report on the practical benefits of a variability approach. With more automation and control, practitioners can now envision benchmarking video algorithms over large, diverse, controlled, yet realistic datasets (videos that mimic real recorded videos)-something impossible at the beginning of the project.
|
|
| 5. |
- Balliu, Musard, et al.
(author)
-
Challenges of Producing Software Bill of Materials for Java
- 2023
-
In: IEEE Security and Privacy. - : Institute of Electrical and Electronics Engineers (IEEE). - 1540-7993 .- 1558-4046. ; 21:6, s. 12-23
-
Journal article (peer-reviewed)abstract
- Software bills of materials (SBOMs) promise to become the backbone of software supply chain hardening. We deep-dive into six tools and the SBOMs they produce for complex open source Java projects, revealing challenges regarding the accurate production and usage of SBOMs.
|
|
| 6. |
- Balliu, Musard, et al.
(author)
-
Software Bill of Materials in Java
- 2023
-
In: SCORED 2023 - Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses. - : Association for Computing Machinery (ACM). ; , s. 75-76
-
Conference paper (peer-reviewed)abstract
- Modern software applications are virtually never built entirely in-house. As a matter of fact, they reuse many third-party dependencies, which form the core of their software supply chain [1]. The large number of dependencies in an application has turned into a major challenge for both security and reliability. For example, to compromise a high-value application, malicious actors can choose to attack a less well-guarded dependency of the project [2]. Even when there is no malicious intent, bugs can propagate through the software supply chain and cause breakages in applications. Gathering accurate, upto- date information about all dependencies included in an application is, therefore, of vital importance.
|
|
| 7. |
- Baudry, Benoit, et al.
(author)
-
A Software-Repair Robot Based on Continual Learning
- 2021
-
In: IEEE Software. - : Institute of Electrical and Electronics Engineers (IEEE). - 0740-7459 .- 1937-4194. ; 38:4, s. 28-35
-
Journal article (peer-reviewed)abstract
- Software bugs are common, and correcting them accounts for a significant portion of the costs in the software development and maintenance process. In this article, we discuss R-Hero, our novel system for learning how to fix bugs based on continual training.
|
|
| 8. |
- Baudry, Benoit, et al.
(author)
-
A spoonful of DevOps helps the GI go down
- 2018
-
In: Proceedings - International Conference on Software Engineering. - New York, NY, USA : IEEE Computer Society. - 9781450357531 ; , s. 35-36
-
Conference paper (peer-reviewed)abstract
- DevOps emphasizes a high degree of automation at all phases of the software development lifecyle. Meanwhile, Genetic Improvement (GI) focuses on the automatic improvement of software artifacts. In this paper, we discuss why we believe that DevOps offers an excellent technical context for easing the adoption of GI techniques by software developers. We also discuss A/B testing as a prominent and clear example of GI taking place in the wild today, albeit one with human-supervised fitness and mutation operators.
|
|
| 9. |
|
|
| 10. |
- Baudry, Benoit, et al.
(author)
-
Long Live Software Easter Eggs!
- 2022
-
In: Queue. - : Association for Computing Machinery (ACM). - 1542-7730 .- 1542-7749. ; 20:2, s. 31-42
-
Journal article (peer-reviewed)abstract
- It's a period of unrest. Rebel developers, striking from continuous deployment servers, have won their first victory. During the battle, rebel spies managed to push an epic commit in the HTML code of https://pro.sony. Pursued by sinister agents, the rebels are hiding in commits, buttons, tooltips, API, HTTP headers, and configuration screens.
|
|
| 11. |
- Baudry, Benoit, et al.
(author)
-
Programming Art With Drawing Machines
- 2024
-
In: Computer. - : Institute of Electrical and Electronics Engineers (IEEE). - 0018-9162 .- 1558-0814. ; 57:7, s. 104-108
-
Journal article (other academic/artistic)abstract
- Algorithmic artists master programming to create art. Specialized libraries and hardware devices such as pen plotters support their practice.
|
|
| 12. |
- Baudry, Benoit, et al.
(author)
-
Science-changing Code
- 2021
-
Other publication (pop. science, debate, etc.)
|
|
| 13. |
- Baudry, Benoit, et al.
(author)
-
Testing beyond coverage
- 2021
-
In: Increment. - : Stripe. - 2832-6598. ; Feb:16
-
Journal article (pop. science, debate, etc.)
|
|
| 14. |
- Benelallam, A., et al.
(author)
-
The maven dependency graph : A temporal graph-based representation of maven central
- 2019
-
In: IEEE International Working Conference on Mining Software Repositories. - : Institute of Electrical and Electronics Engineers (IEEE). ; , s. 344-348
-
Conference paper (peer-reviewed)abstract
- The Maven Central Repository provides an extraordinary source of data to understand complex architecture and evolution phenomena among Java applications. As of September 6, 2018, this repository includes 2.8M artifacts (compiled piece of code implemented in a JVM-based language), each of which is characterized with metadata such as exact version, date of upload and list of dependencies towards other artifacts. Today, one who wants to analyze the complete ecosystem of Maven artifacts and their dependencies faces two key challenges: (i) this is a huge data set; and (ii) dependency relationships among artifacts are not modeled explicitly and cannot be queried. In this paper, we present the Maven Dependency Graph. This open source data set provides two contributions: a snapshot of the whole Maven Central taken on September 6, 2018, stored in a graph database in which we explicitly model all dependencies; an open source infrastructure to query this huge dataset.
|
|
| 15. |
- Blouin, Arnaud, et al.
(author)
-
User interface design smell : Automatic detection and refactoring of Blob listeners
- 2018
-
In: Information and Software Technology. - : Elsevier. - 0950-5849 .- 1873-6025. ; 102, s. 49-64
-
Journal article (peer-reviewed)abstract
- Context. User Interfaces (UIs) intensively rely on event-driven programming: interactive objects send UI events, which capture users' interactions, to dedicated objects called controllers. Controllers use several UI listeners that handle these events to produce UI commands. Objective. First, we reveal the presence of design smells in the code that describes and controls UIs. Second, we demonstrate that specific code analyses are necessary to analyze and refactor UI code, because of its coupling with the rest of the code. Method. We conducted an empirical study on four large Java software systems. We studied to what extent the number of UI commands that a UI listener can produce has an impact on the change- and fault-proneness of the UI listener code. We developed a static code analysis for detecting UI commands in the code. Results. We identified a new type of design smell, called Blob listener, that characterizes UI listeners that can produce more than two UI commands. We proposed a systematic static code analysis procedure that searches for Blob listener that we implement in InspectorGuidget. We conducted experiments on the four software systems for which we manually identified 53 instances of Blob listener. InspectorGuidget successfully detected 52 Blob listeners out of 53. The results exhibit a precision of 81.25% and a recall of 98.11%. We then developed a semi-automatically and behavior-preserving refactoring process to remove Blob listeners. 49.06% of the 53 Blob listeners were automatically refactored. Patches have been accepted and merged. Discussions with developers of the four software systems assess the relevance of the Blob listener. Conclusion. This work shows that UI code also suffers from design smells that have to be identified and characterized. We argue that studies have to be conducted to find other UI design smells and tools that analyze UI code must be developed.
|
|
| 16. |
- Boussaa, M., et al.
(author)
-
Leveraging metamorphic testing to automatically detect inconsistencies in code generator families
- 2020
-
In: Software testing, verification & reliability. - : John Wiley and Sons Ltd. - 0960-0833 .- 1099-1689. ; 30:1
-
Journal article (peer-reviewed)abstract
- Generative software development has paved the way for the creation of multiple code generators that serve as a basis for automatically generating code to different software and hardware platforms. In this context, the software quality becomes highly correlated to the quality of code generators used during software development. Eventual failures may result in a loss of confidence for the developers, who will unlikely continue to use these generators. It is then crucial to verify the correct behaviour of code generators in order to preserve software quality and reliability. In this paper, we leverage the metamorphic testing approach to automatically detect inconsistencies in code generators via so-called “metamorphic relations”. We define the metamorphic relation (i.e., test oracle) as a comparison between the variations of performance and resource usage of test suites running on different versions of generated code. We rely on statistical methods to find the threshold value from which an unexpected variation is detected. We evaluate our approach by testing a family of code generators with respect to resource usage and performance metrics for five different target software platforms. The experimental results show that our approach is able to detect, among 95 executed test suites, 11 performance and 15 memory usage inconsistencies.
|
|
| 17. |
-
Browser Chance Music
- 2021
-
Artistic work (software/multimedia)abstract
- Browser Chance Music lets the audience experience the high-frequency, invisible software activity that occurs in our mobile devices when we browse the web. Billions of citizens browse the web every day, everywhere. This activity is powered by billions of software operations that take care of connecting devices to the web and transporting the information from one side of the world to another. Yet, this amazing software activity is invisible, intangible and unknown by most users.Browser Chance Music explores interactive, spatialized sonification to let users experience this software activity. Through sound, we embody the rich software execution, which is usually disembodied and invisible on a regular interaction with software applications. One challenge we face in this project relates to the significant gap of temporality between the two phenomena: the visible act of browsing is performed at the speed of humans clicking buttons or swiping screens; meanwhile, software that runs in the browser to let humans access the world wide web, operates at a radically different speed, up to thousands of operations per second.
|
|
| 18. |
- Cabrera Arteaga, Javier, 1992-
(author)
-
Artificial Software Diversification for WebAssembly
- 2022
-
Licentiate thesis (other academic/artistic)abstract
- WebAssembly has become the fourth official web language, along with HTML, CSS and JavaScript since 2019. WebAssembly allows web browsers to execute existing programs or libraries written in other languages, such as C/C++ and Rust. In addition, WebAssembly evolves to be part of edge-cloud computing platforms. Despite being designed with security as a premise, WebAssembly is not exempt from vulnerabilities. Therefore, potential vulnerabilities and flaws are included in its distribution and execution, highlighting a software monoculture problem. On the other hand, while software diversity has been shown to mitigate monoculture, no diversification approach has been proposed for WebAssembly. This work proposes software diversity as a preemptive solution to mitigate software monoculture for WebAssembly.Besides, we provide implementations for our approaches, including a generic LLVM superdiversifier that potentially extends our ideas to other programming languages. We empirically demonstrate the impact of our approach by providing Randomization and Multivariant Execution (MVE) for WebAssembly. Our results show that our approaches can provide an automated end-to-end solution for the diversification of WebAssembly programs. The main contributions of this work are:We highlight the lack of diversification techniques for WebAssembly through an exhaustive literature review.We provide randomization and multivariant execution for WebAssembly with the implementation of two tools, CROW and MEWE respectively.We include constant inferring as a new code transformation to generate software diversification for WebAssembly.We empirically demonstrate the impact of our technique by evaluating the static and dynamic behavior of the generated diversification.Our approaches harden observable properties commonly used to conduct attacks, such as static code analysis, execution traces, and execution time.
|
|
| 19. |
- Cabrera Arteaga, Javier, 1992-, et al.
(author)
-
CROW: Code Diversification for WebAssembly
- 2021
-
Conference paper (peer-reviewed)abstract
- The adoption of WebAssembly increases rapidly, as it provides a fast and safe model for program execution in the browser. However, WebAssembly is not exempt from vulnerabilities that can be exploited by malicious observers. Code diversification can mitigate some of these attacks. In this paper, we present the first fully automated workflow for the diversification of WebAssembly binaries. We present CROW, an open-source tool implementing this workflow through enumerative synthesis of diverse code snippets expressed in the LLVMintermediate representation. We evaluate CROW’s capabilitieson303C programs and study its use on a real-life security-sensitive program: libsodium, a modern cryptographic library. Overall, CROW is able to generate diverse variants for239out of303 (79%)small programs. Furthermore, our experiments show that our approach and tool is able to successfully diversify off-the-shelf cryptographic software (libsodium).
|
|
| 20. |
- Cabrera Arteaga, Javier, 1992-, et al.
(author)
-
Multi-variant Execution at the Edge
-
Other publication (other academic/artistic)abstract
- Edge-Cloud computing offloads parts of the computations that traditionally occurs in the cloud to edge nodes. The binary format WebAssembly is increasingly used to distribute and deploy services on such platforms. Edge-Cloud computing providers let their clients deploy stateless services inthe form of WebAssembly binaries, which are then translated to machine code, sandboxed and executed at the edge.In this context, we propose atechnique that (i) automatically diversifies WebAssembly binaries that are deployed to the edge and (ii) randomizes execution paths at runtime. Thus, an attacker cannot exploit all edge nodes with the same payload. Given aservice, we automatically synthesize functionally equivalent variants for thefunctions providing the service. All the variants are then wrapped into a singlemultivariant WebAssembly binary. When the service endpoint is executed, every time a function is invoked, one of its variants is randomly selected. We implement this technique in the MEWE tool and we validate it with 7 servicesfor which MEWE generates multivariant binaries that embed hundreds of function variants. We execute the multivariant binaries on the world-wide edge platform provided by Fastly, as part as a research collaboration. We show that multivariant binaries exhibit a real diversity of execution traces across the whole edge platform distributed around the globe.
|
|
| 21. |
- Cabrera Arteaga, Javier, 1992-, et al.
(author)
-
Multi-variant Execution at the Edge
- 2022
-
In: MTD 2022. - New York, NY, USA : Association for Computing Machinery (ACM). ; , s. 11-22
-
Conference paper (peer-reviewed)abstract
- Edge-Cloud computing offloads parts of the computations that traditionally occurs in the cloud to edge nodes. The binary format WebAssembly is increasingly used to distribute and deploy services on such platforms. Edge-Cloud computing providers let their clients deploy stateless services in the form of WebAssembly binaries, which are then translated to machine code, sandboxed and executed at the edge. In this context, we propose a technique that (i) automatically diversifies WebAssembly binaries that are deployed to the edge and (ii) randomizes execution paths at runtime. Thus, an attacker cannot exploit all edge nodes with the same payload. Given a service, we automatically synthesize functionally equivalent variants for the functions providing the service. All the variants are then wrapped into a single multivariant WebAssembly binary. When the service endpoint is executed, every time a function is invoked, one of its variants is randomly selected. We implement this technique in the MEWE tool and we validate it with 7 services for which MEWE generates multivariant binaries that embed hundreds of function variants. We execute the multivariant binaries on the world-wide edge platform provided by Fastly, as part as a research collaboration. We show that multivariant binaries exhibit a real diversity of execution traces across the whole edge platform distributed around the globe.
|
|
| 22. |
- Cabrera Arteaga, Javier, 1992-, et al.
(author)
-
Scalable comparison of JavaScript V8 bytecode traces
- 2019
-
In: Proceedings of the 11th ACM SIGPLAN International Workshop on Virtual Machines and Intermediate Languages, VMIL@SPLASH. - New York, NY, USA : ACM Publications. ; , s. 22-31
-
Conference paper (peer-reviewed)abstract
- The comparison and alignment of runtime traces are essential, e.g., for semantic analysis or debugging. However, naive sequence alignment algorithms cannot address the needs of the modern web: (i) the bytecode generation process of V8 is not deterministic; (ii) bytecode traces are large.We present STRAC, a scalable and extensible tool tailored to compare bytecode traces generated by the V8 JavaScript engine. Given two V8 bytecode traces and a distance function between trace events, STRAC computes and provides the best alignment. The key insight is to split access between memory and disk. STRAC can identify semantically equivalent web pages and is capable of processing huge V8 bytecode traces whose order of magnitude matches today's web like https://2019.splashcon.org, which generates approx. 150k of V8 bytecode instructions.
|
|
| 23. |
- Cabrera Arteaga, Javier, 1992-
(author)
-
Software Diversification for WebAssembly
- 2024
-
Doctoral thesis (other academic/artistic)abstract
- WebAssembly, now the fourth ocially recognized web language, enables web browsers to port native applications to the Web. Furthermore, WebAssembly has evolved into an essential element for backend scenarios such as cloud and edge computing. Therefore, WebAssembly finds use in a plethora of applications, including but not limited to, web browsers, blockchain, and cloud computing. Despite the emphasis on security since its design and specification, WebAssembly remains susceptible to various forms of attacks, including memory corruption and side-channels. Furthermore, WebAssembly has been manipulated to disseminate malware, particularly in cases of browser cryptojacking. Web page resources, including those containing WebAssembly binaries, are predominantly served from centralized data centers in the modern digital landscape. In conjunction with browser clients, thousands of edge devices operate millions of identical WebAssembly instantiations every second. This phenomenon creates a highly predictable ecosystem, wherein potential attackers can anticipate behavior either in browsers or backend nodes. Such predictability escalates the potential impact of vulnerabilities within these ecosystems, paving the way for high-impact side-channel and memory attacks. For instance, a flaw in a web browser, triggered by a defective WebAssembly program, holds the potential to aect millions of users. This work aims to harden the security within the WebAssembly ecosystem through the introduction of Software Diversification methods and tools. Software Diversification is a strategy designed to augment the costs of exploiting vulnerabilities by making software less predictable. The predictability within ecosystems can be diminished by automatically generating dierent, yet functionally equivalent, program variants. These variants strengthen observable properties that are typically used to launch attacks, and in many instances, can eliminate such vulnerabilities. This work introduces three tools: CROW, MEWE as compiler-based approaches, and WASM-MUTATE as a binary-based approach. Each tool has been specifically designed to tackle a unique facet of Software Diversification. We present empirical evidence demonstrating the potential application of our Software Diversification methods to WebAssembly programs in two distinct ways: Oensive and Defensive Software Diversification. Our research into Oensive Software Diversification in WebAssembly unveils potential paths for enhancing the detection of WebAssembly malware. On the other hand, our experiments in Defensive Software Diversification show that WebAssembly programs can be hardened against side-channel attacks, specifically the Spectre attack.
|
|
| 24. |
- Cabrera Arteaga, Javier, 1992-, et al.
(author)
-
Superoptimization of WebAssembly bytecode
- 2020
-
In: Conference Companion of the 4th International Conference on Art, Science, and Engineering of Programming. - Portugal : Aakar Books.
-
Conference paper (peer-reviewed)abstract
- Motivated by the fast adoption of WebAssembly, we propose the first functional pipeline to support the superoptimization of WebAssembly bytecode. Our pipeline works over LLVM and Souper. We evaluate our superoptimization pipeline with 12 programs from the Rosetta code project. Our pipeline improves the code section size of 8 out of 12 programs. We discuss the challenges faced in superoptimization of WebAssembly with two case studies.
|
|
| 25. |
- Cabrera-Arteaga, Javier, 1992-, et al.
(author)
-
Wasm-Mutate : Fast and effective binary diversification for WebAssembly
- 2024
-
In: Computers & security (Print). - : Elsevier. - 0167-4048 .- 1872-6208. ; 139, s. 103731-103731
-
Journal article (peer-reviewed)abstract
- WebAssembly is the fourth officially endorsed Web language. It is recognized because of its efficiency and design, focused on security. Yet, its swiftly expanding ecosystem lacks robust software diversification systems. We introduce Wasm-Mutate, a diversification engine specifically designed for WebAssembly. Our engine meets several essential criteria: 1) To quickly generate functionally identical, yet behaviorally diverse, WebAssembly variants, 2) To be universally applicable to any WebAssembly program, irrespective of the source programming language, and 3) Generated variants should counter side-channels. By leveraging an e-graph data structure, Wasm-Mutate is implemented to meet both speed and efficacy. We evaluate Wasm-Mutate by conducting experiments on 404 programs, which include real-world applications. Our results highlight that Wasm-Mutate can produce tens of thousands of unique and efficient WebAssembly variants within minutes. Significantly, Wasm-Mutate can safeguard WebAssembly binaries against timing side-channel attacks, especially those of the Spectre type.
|
|
| 26. |
- Cabrera Arteaga, Javier, 1992-, et al.
(author)
-
WebAssembly diversification for malware evasion
- 2023
-
In: Computers & security (Print). - : Elsevier BV. - 0167-4048 .- 1872-6208. ; 131
-
Journal article (peer-reviewed)abstract
- WebAssembly has become a crucial part of the modern web, offering a faster alternative to JavaScript in browsers. While boosting rich applications in browser, this technology is also very efficient to develop cryptojacking malware. This has triggered the development of several methods to detect cryptojacking malware. However, these defenses have not considered the possibility of attackers using evasion techniques. This paper explores how automatic binary diversification can support the evasion of WebAssembly cryptojacking detectors. We experiment with a dataset of 33 WebAssembly cryptojacking binaries and evaluate our evasion technique against two malware detectors: VirusTotal, a general-purpose detector, and MINOS, a WebAssembly-specific detector. Our results demonstrate that our technique can automatically generate variants of WebAssembly cryptojacking that evade the detectors in 90% of cases for VirusTotal and 100% for MINOS. Our results emphasize the importance of meta-antiviruses and diverse detection techniques and provide new insights into which WebAssembly code transformations are best suited for malware evasion. We also show that the variants introduce limited performance overhead, making binary diversification an effective technique for evasion.
|
|
| 27. |
- Chen, Zimin
(author)
-
Source Code Representations of Deep Learning for Program Repair
- 2023
-
Doctoral thesis (other academic/artistic)abstract
- Deep learning, leveraging artificial neural networks, has demonstrated significant capabilities in understanding intricate patterns within data. In recent years, its prowess has been extended to the vast domain of source code, where it aids in diverse software engineering tasks such as program repair, code summarization, and vulnerability detection. However, using deep learning for analyzing source code poses unique challenges. This thesis primarily focuses on the challenges of representing source code to deep learning models for the purpose of automated program repair, a task that aims to automatically fix program bugs.Source code, inherently different from natural languages, is both large in size and unique in vocabulary due to freely named identifiers, thus presenting the out-of-vocabulary challenge. Furthermore, its inherent precision requires exact representation; even a minor error can cause complete system failures. These characteristics underscore the importance of designing appropriate input and output representations for deep learning models, ensuring that they can efficiently and accurately process code for the purposes of program repair. The core contributions of this thesis address these challenges.First, we propose a compact input representation that encapsulates the essential context for bug fixing. The compact input representation retains the relevant information that is essential to understanding the bug while removing unnecessary context that might add noise to the model.Second, we tackle the out-of-vocabulary problem by harnessing techniques from natural language processing, capitalizing on existing code elements for bug fixes, and drawing parallels to the redundancy assumption in traditional program repair approaches.Third, to address the precision of source code, we integrate bug information into the input representation and pivot the model's output from complete code generation to concise edit instructions, offering a more focused and accurate approach.Last, we show that by unifying the source code representation across multiple code-related tasks, we facilitate transfer and multi-task learning. Both learning strategies can help in mitigating issues faced when training on limited datasets.
|
|
| 28. |
- Danglot, Benjamin, et al.
(author)
-
A snowballing literature study on test amplification
- 2019
-
In: Journal of Systems and Software. - : Elsevier. - 0164-1212 .- 1873-1228. ; 157
-
Journal article (peer-reviewed)abstract
- The adoption of agile approaches has put an increased emphasis on testing, resulting in extensive test suites. These suites include a large number of tests, in which developers embed knowledge about meaningful input data and expected properties as oracles. This article surveys works that exploit this knowledge to enhance manually written tests with respect to an engineering goal (e.g., improve coverage or refine fault localization). While these works rely on various techniques and address various goals, we believe they form an emerging and coherent field of research, which we coin "test amplification". We devised a first set of papers from DBLP, searching for all papers containing "test" and "amplification" in their title. We reviewed the 70 papers in this set and selected the 4 papers that fit the definition of test amplification. We use them as the seeds for our snowballing study, and systematically followed the citation graph. This study is the first that draws a comprehensive picture of the different engineering goals proposed in the literature for test amplification. We believe that this survey will help researchers and practitioners entering this new field to understand more quickly and more deeply the intuitions, concepts and techniques used for test amplification.
|
|
| 29. |
- Danglot, Benjamin, et al.
(author)
-
An approach and benchmark to detect behavioral changes of commits in continuous integration
- 2020
-
In: Empirical Software Engineering. - : Springer Nature. - 1382-3256 .- 1573-7616. ; 25:4, s. 2379-2415
-
Journal article (peer-reviewed)abstract
- When a developer pushes a change to an application’s codebase, a good practice is to have a test case specifying this behavioral change. Thanks to continuous integration (CI), the test is run on subsequent commits to check that they do no introduce a regression for that behavior. In this paper, we propose an approach that detects behavioral changes in commits. As input, it takes a program, its test suite, and a commit. Its output is a set of test methods that capture the behavioral difference between the pre-commit and post-commit versions of the program. We call our approach DCI (Detecting behavioral changes in CI). It works by generating variations of the existing test cases through (i) assertion amplification and (ii) a search-based exploration of the input space. We evaluate our approach on a curated set of 60 commits from 6 open source Java projects. To our knowledge, this is the first ever curated dataset of real-world behavioral changes. Our evaluation shows that DCI is able to generate test methods that detect behavioral changes. Our approach is fully automated and can be integrated into current development processes. The main limitations are that it targets unit tests and works on a relatively small fraction of commits. More specifically, DCI works on commits that have a unit test that already executes the modified code. In practice, from our benchmark projects, we found 15.29% of commits to meet the conditions required by DCI.
|
|
| 30. |
- Danglot, Benjamin, et al.
(author)
-
Automatic test improvement with DSpot : a study with ten mature open-source projects
- 2019
-
In: Empirical Software Engineering. - : Springer. - 1382-3256 .- 1573-7616. ; 24:4, s. 2603-2635
-
Journal article (peer-reviewed)abstract
- In the literature, there is a rather clear segregation between manually written tests by developers and automatically generated ones. In this paper, we explore a third solution: to automatically improve existing test cases written by developers. We present the concept, design and implementation of a system called DSpot, that takes developer-written test cases as input (JUnit tests in Java) and synthesizes improved versions of them as output. Those test improvements are given back to developers as patches or pull requests, that can be directly integrated in the main branch of the test code base. We have evaluated DSpot in a deep, systematic manner over 40 real-world unit test classes from 10 notable and open-source software projects. We have amplified all test methods from those 40 unit test classes. In 26/40 cases, DSpot is able to automatically improve the test under study, by triggering new behaviors and adding new valuable assertions. Next, for ten projects under consideration, we have proposed a test improvement automatically synthesized by DSpot to the lead developers. In total, 13/19 proposed test improvements were accepted by the developers and merged into the main code base. This shows that DSpot is capable of automatically improving unit-tests in real-world, large scale Java software.
|
|
| 31. |
|
|
| 32. |
- Danglot, Benjamin, et al.
(author)
-
Correctness attraction : a study of stability of software behavior under runtime perturbation
- 2018
-
In: Empirical Software Engineering. - : Springer. - 1382-3256 .- 1573-7616. ; 23:4, s. 2086-2119
-
Journal article (peer-reviewed)abstract
- Can the execution of software be perturbed without breaking the correctness of the output? In this paper, we devise a protocol to answer this question from a novel perspective. In an experimental study, we observe that many perturbations do not break the correctness in ten subject programs. We call this phenomenon “correctness attraction”. The uniqueness of this protocol is that it considers a systematic exploration of the perturbation space as well as perfect oracles to determine the correctness of the output. To this extent, our findings on the stability of software under execution perturbations have a level of validity that has never been reported before in the scarce related work. A qualitative manual analysis enables us to set up the first taxonomy ever of the reasons behind correctness attraction.
|
|
| 33. |
- Durieux, Thomas, et al.
(author)
-
DUETS : A Dataset of Reproducible Pairs of Java Library-Clients
- 2021
-
In: 2021 IEEE/Acm 18Th International Conference On Mining Software Repositories (MSR 2021). - : Institute of Electrical and Electronics Engineers (IEEE). ; , s. 545-549
-
Conference paper (peer-reviewed)abstract
- Software engineering researchers look for software artifacts to study their characteristics or to evaluate new techniques. In this paper, we introduce DUETS, a new dataset of software libraries and their clients. This dataset can be exploited to gain many different insights, such as API usage, usage inputs, or novel observations about the test suites of clients and libraries. DUETS is meant to support both static and dynamic analysis. This means that the libraries and the clients compile correctly, they are executable and their test suites pass. The dataset is composed of open-source projects that have more than five stars on GitHub. The final dataset contains 395 libraries and 2;874 clients. Additionally, we provide the raw data that we use to create this dataset, such as 34;560 pom.xml files or the complete file list from 34;560 projects. This dataset can be used to study how libraries are used by their clients or as a list of software projects that successfully build. The client's test suite can be used as an additional verification step for code transformation techniques that modify the libraries.
|
|
| 34. |
- Durieux, Thomas, et al.
(author)
-
Exhaustive Exploration of the Failure-oblivious Computing Search Space
- 2018
-
In: 2018 IEEE 11TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION (ICST). - : IEEE Press. - 9781538650127 ; , s. 139-149
-
Conference paper (peer-reviewed)abstract
- High-availability of software systems requires automated handling of crashes in presence of errors. Failure-oblivious computing is one technique that aims to achieve high availability. We note that failure-obliviousness has not been studied in depth yet, and there is very few study that helps understand why failure-oblivious techniques work. In order to make failure-oblivious computing to have an impact in practice, we need to deeply understand failure-oblivious behaviors in software. In this paper, we study, design and perform an experiment that analyzes the size and the diversity of the failure-oblivious behaviors. Our experiment consists of exhaustively computing the search space of 16 field failures of large-scale open-source Java software. The outcome of this experiment is a much better understanding of what really happens when failure-oblivious computing is used, and this opens new promising research directions.
|
|
| 35. |
|
|
| 36. |
- Gómez-Boix, A., et al.
(author)
-
A collaborative strategy for mitigating tracking through browser fingerprinting
- 2019
-
In: Proceedings of the ACM Conference on Computer and Communications Security. - New York, NY, USA : Association for Computing Machinery. - 9781450368285 ; , s. 67-78
-
Conference paper (peer-reviewed)abstract
- Browser fingerprinting is a technique that collects information about the browser configuration and the environment in which it is running. This information is so diverse that it can partially or totally identify users online. Over time, several countermeasures have emerged to mitigate tracking through browser fingerprinting. However, these measures do not offer full coverage in terms of privacy protection, as some of them may introduce inconsistencies or unusual behaviors, making these users stand out from the rest. We address these limitations by proposing a novel approach that minimizes both the identifiability of users and the required changes to browser configuration. To this end, we exploit clustering algorithms to identify the devices that are prone to share the same or similar fingerprints and to provide them with a new non-unique fingerprint. We then use this fingerprint to automatically assemble and run web browsers through virtualization within a docker container. Thus all the devices in the same cluster will end up running a web browser with an indistinguishable and consistent fingerprint.
|
|
| 37. |
- Gomez-Boix, Alejandro, et al.
(author)
-
Hiding in the Crowd : an Analysis of the Effectiveness of Browser ngerprinting at Large Scale
- 2018
-
In: WEB CONFERENCE 2018. - New York, New York, USA : Association for Computing Machinery (ACM). ; , s. 309-318
-
Conference paper (peer-reviewed)abstract
- Browser fingerprinting is a stateless technique, which consists in collecting a wide range of data about a device through browser APIs. Past studies have demonstrated that modern devices present so much diversity that fingerprints can be exploited to identify and track users online. With this work, we want to evaluate if browser fingerprinting is still effective at uniquely identifying a large group of users when analyzing millions of fingerprints over a few months. We collected 2,067,942 browser fingerprints from one of the top 15 French websites. The analysis of this novel dataset sheds a new light on the ever-growing browser fingerprinting domain. The key insight is that the percentage of unique fingerprints in our dataset is much lower than what was reported in the past: only 33.6% of fingerprints are unique by opposition to over 80% in previous studies. We show that non-unique fingerprints tend to be fragile. If some features of the fingerprint change, it is very probable that the fingerprint will become unique. We also confirm that the current evolution of web technologies is benefiting users' privacy significantly as the removal of plugins brings down substantively the rate of unique desktop machines.
|
|
| 38. |
- Gustafsson, Erik, et al.
(author)
-
Re|Traces of search : Exploring human-software entanglements through the search engine
- 2020
-
In: DIS 2020 Companion - Companion Publication of the 2020 ACM Designing Interactive Systems Conference. - New York, NY, USA : Association for Computing Machinery (ACM). ; , s. 457-460
-
Conference paper (peer-reviewed)abstract
- The software art installation 're|Traces of Search' probes human-software relationships by examining in detail a specific and situated action: searching on the web. This work exposes the inner workings of this human/non-human connection; the software - the keystrokes, the scripts and function calls occurring during the exchange - are revealed as a tangible artifact and interactive sonification. We invite guests to explore this non-human representation and touch the software, as it touches us back. As well as highlighting a hidden complexity, this work touches upon questions of transparency and privacy of search engines, and to what extent our relationship with software is rooted in control, in contrast to care.
|
|
| 39. |
- Halin, Axel, et al.
(author)
-
Test them all, is it worth it? : Assessing configuration sampling on the JHipster Web development stack
- 2019
-
In: Empirical Software Engineering. - : Springer Nature. - 1382-3256 .- 1573-7616. ; 24:2, s. 674-717
-
Journal article (peer-reviewed)abstract
- Many approaches for testing configurable software systems start from the same assumption: it is impossible to test all configurations. This motivated the definition of variability-aware abstractions and sampling techniques to cope with large configuration spaces. Yet, there is no theoretical barrier that prevents the exhaustive testing of all configurations by simply enumerating them if the effort required to do so remains acceptable. Not only this: we believe there is a lot to be learned by systematically and exhaustively testing a configurable system. In this case study, we report on the first ever endeavour to test all possible configurations of the industry-strength, open source configurable software system JHipster, a popular code generator for web applications. We built a testing scaffold for the 26,000+ configurations of JHipster using a cluster of 80 machines during 4 nights for a total of 4,376 hours (182 days) CPU time. We find that 35.70% configurations fail and we identify the feature interactions that cause the errors. We show that sampling strategies (like dissimilarity and 2-wise): (1) are more effective to find faults than the 12 default configurations used in the JHipster continuous integration; (2) can be too costly and exceed the available testing budget. We cross this quantitative analysis with the qualitative assessment of JHipster's lead developers.
|
|
| 40. |
- Halin, Axel, et al.
(author)
-
Test them all, is it worth it? : assessing configuration sampling on the JHipster web development stack
- 2020
-
In: Proceedings 24th ACM International Systems and Software Product Line Conference. - New York, NY, USA : Association for Computing Machinery (ACM).
-
Conference paper (peer-reviewed)abstract
- This is an extended abstract of the article: Axel Halin, Alexandre Nuttinck, Mathieu Acher, Xavier Devroey, Gilles Perrouin, and Benoit Baudry. 2018. Test them all, is it worth it? Assessing configuration sampling on the JHipster Web development stack. In Empirical Software Engineering (17 Jul 2018). https://doi.org/10.1007/s10664-018-9635-4.
|
|
| 41. |
- Halvardsson, Gustaf, et al.
(author)
-
Interpretation of Swedish Sign Language Using Convolutional Neural Networks and Transfer Learning
- 2021
-
In: SN Computer Science. - : Springer. - 2662-995X .- 2661-8907. ; 2:3
-
Journal article (peer-reviewed)abstract
- The automatic interpretation of sign languages is a challenging task, as it requires the usage of high-level vision and high-level motion processing systems for providing accurate image perception. In this paper, we use Convolutional Neural Networks (CNNs) and transfer learning to make computers able to interpret signs of the Swedish Sign Language (SSL) hand alphabet. Our model consists of the implementation of a pre-trained InceptionV3 network, and the usage of the mini-batch gradient descent optimization algorithm. We rely on transfer learning during the pre-training of the model and its data. The final accuracy of the model, based on 8 study subjects and 9400 images, is 85%. Our results indicate that the usage of CNNs is a promising approach to interpret sign languages, and transfer learning can be used to achieve high testing accuracy despite using a small training dataset. Furthermore, we describe the implementation details of our model to interpret signs as a user-friendly web application.
|
|
| 42. |
- Harrand, Nicolas, et al.
(author)
-
A journey among Java neutral program variants
- 2019
-
In: Genetic Programming and Evolvable Machines. - : Springer. - 1389-2576 .- 1573-7632. ; 20:4, s. 531-580
-
Journal article (peer-reviewed)abstract
- Neutral program variants are alternative implementations of a program, yet equivalent with respect to the test suite. Techniques such as approximate computing or genetic improvement share the intuition that potential for enhancements lies in these acceptable behavioral differences (e.g., enhanced performance or reliability). Yet, the automatic synthesis of neutral program variants, through program transformations remains a key challenge. This work aims at characterizing plastic code regions in Java programs, i.e., the code regions that are modifiable while maintaining functional correctness, according to a test suite. Our empirical study relies on automatic variations of 6 real-world Java programs. First, we transform these programs with three state-of-the-art program transformations: add, replace and delete statements. We get a pool of 23,445 neutral variants, from which we gather the following novel insights: developers naturally write code that supports fine-grain behavioral changes; statement deletion is a surprisingly effective program transformation; high-level design decisions, such as the choice of a data structure, are natural points that can evolve while keeping functionality. Second, we design 3 novel program transformations, targeted at specific plastic regions. New experiments reveal that respectively 60%, 58% and 73% of the synthesized variants (175,688 in total) are neutral and exhibit execution traces that are different from the original.
|
|
| 43. |
- Harrand, Nicolas, et al.
(author)
-
API beauty is in the eye of the clients : 2.2 million Maven dependencies reveal the spectrum of client-API usages
- 2022
-
In: Journal of Systems and Software. - : Elsevier BV. - 0164-1212 .- 1873-1228. ; 184, s. 111134-
-
Journal article (peer-reviewed)abstract
- Hyrum's law states a common observation in the software industry: "With a sufficient number of users of an API, it does not matter what you promise in the contract: all observable behaviors of your system will be depended on by somebody". Meanwhile, recent research results seem to contradict this observation when they state that "for most APIs, there is a small number of features that are actually used". In this work, we perform a large scale empirical study of client-API relationships in the Maven ecosystem, in order to investigate this seeming paradox between the observations in industry and the research literature. We study the 94 most popular libraries in Maven Central, as well as the 829,410 client artifacts that declare a dependency to these libraries and that are available in Maven Central, summing up to 2.2M dependencies. Our analysis indicates the existence of a wide spectrum of API usages, with enough clients, most API types end up being used at least once. Our second key observation is that, for all libraries, there is a small set of API types that are used by the vast majority of its clients. The practical consequences of this study are two-fold: (i) it is possible for API maintainers to find an essential part of their API on which they can focus their efforts; (ii) API developers should limit the public API elements to the set of features for which they are ready to have users. (C) 2021 The Author(s). Published by Elsevier Inc.
|
|
| 44. |
- Harrand, Nicolas, et al.
(author)
-
Automatic Diversity in the Software Supply Chain
- 2021
-
Reports (other academic/artistic)abstract
- Despite its obvious benefits, the increased adoption of package managers to automate the reuse of libraries has opened the door to a new class of hazards: supply chain attacks. By injecting malicious code in one library, an attacker may compromise all instances of all applications that depend on the library. To mitigate the impact of supply chain attacks, we propose the concept of Library Substitution Framework. This novel concept leverages one key observation: when an application depends on a library, it is very likely that there exists other libraries that provide similar features. The key objective of Library Substitution Framework is to enable the developers of an application to harness this diversity of libraries in their supply chain. The framework lets them generate a population of application variants, each depending on a different alternative library that provides similar functionalities. To investigate the relevance of this concept, we develop ARGO, a proof-of-concept implementation of this framework that harnesses the diversity of JSON suppliers. We study the feasibility of library substitution and its impact on a set of 368 clients. Our empirical results show that for 195 of the 368 java applications tested, we can substitute the original JSON library used by the client by at least 15 other JSON libraries without modifying the client's code. These results show the capacity of a Library Substitution Framework to diversify the supply chain of the client applications of the libraries it targets.
|
|
| 45. |
- Harrand, Nicolas, et al.
(author)
-
Java decompiler diversity and its application to meta-decompilation
- 2020
-
In: Journal of Systems and Software. - : Elsevier BV. - 0164-1212 .- 1873-1228. ; 168
-
Journal article (peer-reviewed)abstract
- During compilation from Java source code to bytecode, some information is irreversibly lost. In other words, compilation and decompilation of Java code is not symmetric. Consequently, decompilation, which aims at producing source code from bytecode, relies on strategies to reconstruct the information that has been lost. Different Java decompilers use distinct strategies to achieve proper decompilation. In this work, we hypothesize that the diverse ways in which bytecode can be decompiled has a direct impact on the quality of the source code produced by decompilers. In this paper, we assess the strategies of eight Java decompilers with respect to three quality indicators: syntactic correctness, syntactic distortion and semantic equivalence modulo inputs. Our results show that no single modern decompiler is able to correctly handle the variety of bytecode structures coming from real-world programs. The highest ranking decompiler in this study produces syntactically correct, and semantically equivalent code output for 84%, respectively 78%, of the classes in our dataset. Our results demonstrate that each decompiler correctly handles a different set of bytecode classes. We propose a new decompiler called Arlecchino that leverages the diversity of existing decompilers. To do so, we merge partial decompilation into a new one based on compilation errors. Arlecchino handles 37.6% of bytecode classes that were previously handled by no decompiler. We publish the sources of this new bytecode decompiler. (C) 2020 Published by Elsevier Inc.
|
|
| 46. |
- Harrand, Nicolas, 1991-
(author)
-
Software Diversity for Third-Party Dependencies
- 2022
-
Doctoral thesis (other academic/artistic)abstract
- Thanks to the emergence of package managers and online software repositories, modern software development heavily relies on the reuse of third-party libraries. This practice has significant benefits in terms of productivity and reliability. Yet, the reuse of software libraries leads large groups of applications to share a significant amount of code, including potential defects such as bugs or vulnerabilities. The lack of diversity in these group of applications make them more prone to large-scale failures, and more predictable for attackers attempting to exploit their shared vulnerabilities.To mitigate these risks opened by library reuse, this dissertation proposes to introduce diversity in software applications.We create variants of software applications through transformations targeting the libraries they depend on. These variants provide functionalities equivalent to their original, while not sharing the exact same behavior.In this dissertation, we cover three aspects of software diversity.First, we study the existing behavioral diversity of alternative libraries implementing similar functionalities.We perform two case studies on two families of reusable software artifacts: JSON libraries and Bytecode decompilers. We provide empirical evidence that both groups of artifacts exhibit significant natural input/output behavioral diversity.Second, we study software transformations targeting libraries themselves. We propose six source-to-source transformations targeting software libraries, as well as a general architecture to implement library substitution. We implement this architecture in a JSON library substitution framework, leveraging the diversity of behavior we observe in JSON libraries. We assess the impact of these transformations on open-source libraries and software applications through two experiments.Finally, we study the properties of software applications and libraries that make them prone to transformation without changing their functionalities. We analyze the variants produced during our software diversification experiments and discuss our findings. In particular, we observe that the existence of alternative implementations at different granularity, instructions, methods, classes, and libraries, provides an important source of potential diversity that can be leveraged.
|
|
| 47. |
- Harrand, Nicolas, et al.
(author)
-
The Behavioral Diversity of Java JSON Libraries
- 2021
-
In: 2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE). - : Institute of Electrical and Electronics Engineers (IEEE).
-
Conference paper (peer-reviewed)abstract
- JSON is an essential file and data format in domains that span scientific computing, web APIs or configuration management. Its popularity has motivated significant software development effort to build multiple libraries to process JSON data. Previous studies focus on performance comparison among these libraries and lack a software engineering perspective. We present the first systematic analysis and comparison of the input / output behavior of 20 JSON libraries, in a single software ecosystem: Java/Maven. We assess behavior diversity by running each library against a curated set of 473 JSON files, including both well-formed and ill-formed files. The main design differences, which influence the behavior of the libraries, relate to the choice of data structure to represent JSON objects and to the encoding of numbers. We observe a remarkable behavioral diversity with ill-formed files, or corner cases such as large numbers or duplicate data. Our unique behavioral assessment of JSON libraries paves the way for a robust processing of ill-formed files, through a multi-version architecture.
|
|
| 48. |
- Harrand, Nicolas, et al.
(author)
-
The strengths and behavioral quirks of Java bytecode decompilers
- 2019
-
In: Proceedings - 19th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2019. - : Institute of Electrical and Electronics Engineers Inc.. - 9781728149370 ; , s. 92-102
-
Conference paper (peer-reviewed)abstract
- During compilation from Java source code to bytecode, some information is irreversibly lost. In other words, compilation and decompilation of Java code is not symmetric. Consequently, the decompilation process, which aims at producing source code from bytecode, must establish some strategies to reconstruct the information that has been lost. Modern Java decompilers tend to use distinct strategies to achieve proper decompilation. In this work, we hypothesize that the diverse ways in which bytecode can be decompiled has a direct impact on the quality of the source code produced by decompilers. We study the effectiveness of eight Java decompilers with respect to three quality indicators: syntactic correctness, syntactic distortion and semantic equivalence modulo inputs. This study relies on a benchmark set of 14 real-world open-source software projects to be decompiled (2041 classes in total). Our results show that no single modern decompiler is able to correctly handle the variety of bytecode structures coming from real-world programs. Even the highest ranking decompiler in this study produces syntactically correct output for 84% of classes of our dataset and semantically equivalent code output for 78% of classes.
|
|
| 49. |
- Laperdrix, P., et al.
(author)
-
Browser Fingerprinting : A Survey
- 2020
-
In: ACM Transactions on the Web. - : Association for Computing Machinery. - 1559-1131 .- 1559-114X. ; 14:2
-
Journal article (peer-reviewed)abstract
- With this article, we survey the research performed in the domain of browser fingerprinting, while providing an accessible entry point to newcomers in the field. We explain how this technique works and where it stems from. We analyze the related work in detail to understand the composition of modern fingerprints and see how this technique is currently used online. We systematize existing defense solutions into different categories and detail the current challenges yet to overcome.
|
|
| 50. |
- Laperdrix, P., et al.
(author)
-
Morellian analysis for browsers : Making web authentication stronger with canvas fingerprinting
- 2019
-
In: Detection of Intrusions and Malware, and Vulnerability Assessment. - Cham : Springer Verlag. - 9783030220372 ; , s. 43-66
-
Conference paper (peer-reviewed)abstract
- In this paper, we present the first fingerprinting-based authentication scheme that is not vulnerable to trivial replay attacks. Our proposed canvas-based fingerprinting technique utilizes one key characteristic: it is parameterized by a challenge, generated on the server side. We perform an in-depth analysis of all parameters that can be used to generate canvas challenges, and we show that it is possible to generate unique, unpredictable, and highly diverse canvas-generated images each time a user logs onto a service. With the analysis of images collected from more than 1.1 million devices in a real-world large-scale experiment, we evaluate our proposed scheme against a large set of attack scenarios and conclude that canvas fingerprinting is a suitable mechanism for stronger authentication on the web.
|
|
