基于索引的分布式代码克隆检测  被引量:3

Distributed Code Clone Detection Based on Index

在线阅读下载全文

作  者:林婵[1,2] 李俊杰[1,2] 饶飞[1,2] 罗平[1,2] 

机构地区:[1]信息系统安全教育部重点实验室(清华大学软件学院),北京100084 [2]清华信息科学与技术国家实验室(清华大学软件学院),北京100084

出  处:《信息安全研究》2016年第3期201-210,共10页Journal of Information Security Research

基  金:NSFC重大项目(91218302)

摘  要:随着软件产业的发展,代码克隆现象越来越常见,随之带来的安全漏洞、可维护性、产权等问题也引起人们重视.代码克隆按照复制程度分为4类:完全复制、修改名称、更换顺序和自实现.现有的代码克隆检测工具只能在单机情况下对2个项目进行针对性克隆检测,并且已有的源代码搜索引擎也只能检测出代码完全复制的情况.针对这2种情况进行研究后,提出一种分布式代码克隆检测算法,实现一个项目代码从多个开源项目代码中匹配检测,得到除了自实现类型的其他3类克隆结果,并利用分布式系统对开源项目代码建立索引和代码克隆检测,从而解决了可以对任意一个项目进行代码克隆检测.With the development of the software industry, code clone is more common and people pay attention to problems caused by code clone, such as vulnerability, maintainability, property right. According to the degree of code replication, code clone has four types, complete copy, modify name, change order and realize by user. The existing code clone detection tool can only carry on the clone detection to two items in the case of single machine, and the existing source code search engine can only detect the code completed copy. To solve the problems, this implements a distributed system of establishing open source code index and matching complex clone from projects. The purpose is to detect code clones derived from open source projects in a given software system. This issue is an aspect of software credibility research. The use of distributed systems for the establishment of open source code index and code clone detection can detect any project code. It helps to analyze the credibility of the target system by checking code license and further analyzing source code vulnerabilities. Finally, some experiments have been done to show the feasibility and effectiveness of this system.

关 键 词:索引 分布式 克隆代码 开源项目 检测 

分 类 号:TP311[自动化与计算机技术—计算机软件与理论]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象