TruX Open Online Seminars
+
+ 
Welcome to TOOS!
+- The Trustworthy Software Engineering research group (TruX) conducts research in software security, software repair, and explainable software to create key practical solutions for developers, allowing them to achieve trustworthiness, efficiency, and transparency. Application areas include FinTech, embedded systems (e.g., mobile), business or entertainment systems, cybersecurity, and more. + TruX Open Online Seminars serve as a vibrant platform where researchers gather to discuss the latest advancements in software security, software repair, and cutting-edge explainable software techniques. +
++ These sessions offer a valuable opportunity for young researchers to share their findings and engage in insightful discussions. Covering a wide range of software-related topics, these seminars provide an important space for experts and enthusiasts to explore new trends, exchange ideas, and create innovative solutions. By bringing together diverse perspectives, these seminars significantly contribute to shaping the future of software technologies, making them more dependable, robust, and effective.
SnT, University of Luxembourg
SnT, University of Luxembourg
Professors
Upcoming Seminars
+
+ Yi-Hsien Chen
+National Taiwan University
+Guided Malware Sample Analysis Based on Graph Neural Networks
+Malicious binaries have caused data and monetary loss to people, and these binaries keep evolving rapidly nowadays. While manual analysis is slow and ineffective, automated malware report generation is a long-term goal for malware analysts and researchers. This study moves one step toward the goal by identifying essential functions in malicious binaries to accelerate and even automate the analyzing process. We design and implement an expert system based on our proposed graph neural network called MalwareExpert. The system pinpoints the essential functions of an analyzed sample and visualizes the relationships between involved parts. The evaluation results show that our approach has a competitive detection performance (97.3% accuracy and 96.5% recall rate) compared to existing malware detection models. Moreover, it gives an intuitive and +easy-to-understand explanation of the model predictions by visualizing and correlating essential functions. We compare the identified essential functions reported by our system against several expert-made malware analysis reports from multiple sources. Our qualitative and quantitative analyses show that the pinpointed functions indicate accurate directions. In the best case, the top 2% of functions reported from the system can cover all expert-annotated functions in three steps. We believe that the MalwareExpert system has shed light on automated program behavior analysis.
+Presentation Date: Monday, October 30th, 2023 at 10:30 AM CET
+
+ He Ye
+Carnegie Mellon University
+ITER: Iterative Neural Repair for Multi-Location Patches
+Automated program repair (APR) has achieved promising results, especially using neural networks. Yet, the overwhelming majority of patches produced by APR tools are confined to one single location. When looking at the patches produced with neural repair, most of them fail to compile, while a few uncompilable ones go in the right direction. In both cases, the fundamental problem is to ignore the potential of partial patches. In this paper, we propose an iterative program repair paradigm called ITER founded on the concept of improving partial patches until they become plausible and correct. First, ITER iteratively improves partial single-location patches by fixing compilation errors and further refining the previously generated code. Second, ITER iteratively improves partial patches to construct multi-location patches, with fault localization re-execution. ITER is implemented for Java based on battle-proven deep neural networks and code representation. ITER is evaluated on 476 bugs from 10 open-source projects in Defects4J 2.0. ITER succeeds in repairing 76 of them, including 15 multi-location bugs which is a new frontier in the field.
+Presentation Date: Monday, November 6th, 2023 at 3:00 PM CET
+Past Seminars
+
-
+
-
+ + Rete: Learning Namespace Representation for Program Repair, Monday, October 9th, 2023, by Nikhil Parasaram from UCL ++++++++
+ Nikhil Parasaram
+University College London
+++Rete: Learning Namespace Representation for Program Repair
+A key challenge of automated program repair is finding correct patches in the vast search space of candidate patches. Real-world programs define large namespaces of variables that considerably contributes to the search space explosion. Existing program repair approaches neglect information about the program namespace, which makes them inefficient and increases the chance of test-overfitting. + We propose Rete, a new program repair technique, that learns project-independent information about program namespace and uses it to navigate the search space of patches. Rete uses a neural network to extract project-independent information about variable CDU chains, def-use chains augmented with control flow. Then, it ranks patches by jointly ranking variables and the patch templates into which the variables are inserted. + We evaluated Rete on 142 bugs extracted from two datasets, ManyBugs and BugsInPy. Our experiments demonstrate that Rete generates six new correct patches that fix bugs that previous tools did not repair, an improvement of 31% and 59% over the existing state of the art.
+Presentation Date: Monday, October 9th, 2023 at 10:30 AM CEST
+
+
+
+
+