Fehmi Jaafar

An Exploratory Study of Macro Co-changes

The literature describes several approaches to identify the artefacts of programs that change together to reveal the (hidden) dependencies among these artefacts. These approaches analyse historical data, mined from version control systems, and report co-changing artefacts, which hint at the causes, consequences, and actors of the changes. We introduce the novel concepts of macro co-changes (MCC), i.e., of artefacts that co-change within a large time interval, and of dephase macro co-changes (DMCC), i.e., macro co-changes that always happen with the same shifts in time. We describe typical scenarios of MCC and DMCC and we use the Hamming distance to detect approximate occurrences of MCC and DMCC. We present our approach, Macocha, to identify these concepts in large programs. We apply Macocha and compare it in terms of precision and recall with UML Diff (file stability) and association rules (co-changing files) on four systems: Argo UML, Free BSD, SIP, and XalanC. We also use external information to validate the (approximate) MCC and DMCC found by Macocha. We thus answer two research questions showing the existence and usefulness of theses concepts and explaining scenarios of hidden dependencies among artefacts.

Mining the relationship between anti-patterns dependencies and fault-proneness

Anti-patterns describe poor solutions to design and implementation problems which are claimed to make object oriented systems hard to maintain. Anti-patterns indicate weaknesses in design that may slow down development or increase the risk of faults or failures in the future. Classes in anti-patterns have some dependencies, such as static relationships, that may propagate potential problems to other classes. To the best of our knowledge, the relationship between anti-patterns dependencies (with non anti-patterns classes) and faults has yet to be studied in details. This paper presents the results of an empirical study aimed at analysing anti-patterns dependencies in three open source software systems, namely ArgoUML, JFreeChart, and XerecesJ. We show that, in almost all releases of the three systems, classes having dependencies with anti-patterns are more fault-prone than others. We also report other observations about these dependencies such as their impact on fault prediction. Software organizations could make use of these knowledge about anti-patterns dependencies to better focus their testing and reviews activities toward the most risky classes, e.g., classes with fault-prone dependencies with anti-patterns.

Detecting asynchrony and dephase change patterns by mining software repositories

Software maintenance accounts for the largest part of the costs of any program. During maintenance activities, developers implement changes (sometimes simultaneously) on artifacts in order to fix bugs and to implement new requirements. To reduce this part of the costs, previous work proposed approaches to identify the artifacts of programs that change together. These approaches analyze historical data, mined from version control systems, and report change patterns, which lead at the causes, consequences, and actors of the changes to source code files. They also introduce so‐called change patterns that describe some typical change dependencies among files. In this paper, we introduce two novel change patterns: the asynchrony change pattern, corresponding to macro co‐changes (MC), that is, of files that co‐change within a large time interval (change periods) and the dephase change pattern, corresponding to dephase macro co‐changes (DC), that is, MC that always happens with the same shifts in time. We present our approach, that we named Macocha, to identify these two change patterns in large programs. We use the k‐nearest neighbor algorithm to group changes into change periods. We also use the Hamming distance to detect approximate occurrences of MC and DC. We apply Macocha and compare its performance in terms of precision and recall with UMLDiff (file stability) and association rules (co‐changing files) on seven systems: ArgoUML, FreeBSD, JFreeChart, Openser, SIP, XalanC, and XercesC developed with three different languages (C, C++, and Java). These systems have a size ranging from 532 to 1693 files, and during the study period, they have undergone 1555 to 23,944 change commits. We use external information and static analysis to validate (approximate) MC and DC found by Macocha. Through our case study, we show the existence and usefulness of these novel change patterns to ease software maintenance and, potentially, reduce related costs. Copyright

Evaluating the impact of design pattern and anti-pattern dependencies on changes and faults

On the one hand, design patterns are solutions to recurring design problems, aimed at increasing reuse, flexibility, and maintainability. However, much prior work found that some patterns, such as the Observer and Singleton, are correlated with large code structures and argued that they are more likely to be fault prone. On the other hand, anti-patterns describe poor solutions to design and implementation problems that highlight weaknesses in the design of software systems and that may slow down maintenance and increase the risk of faults. They have been found to negatively impact change and fault-proneness. Classes participating in design patterns and anti-patterns have dependencies with other classes, e.g., static and co-change dependencies, that may propagate problems to other classes. We investigate the impact of such dependencies in object-oriented systems by studying the relations between the presence of static and co-change dependencies and (1) the fault-proneness, (2) the types of changes, and (3) the types of faults that these classes exhibit. We analyze six design patterns and 10 anti-patterns in 39 releases of ArgoUML, JFreeChart, and XercesJ, and investigate to what extent classes having dependencies with design patterns or anti-patterns have higher odds of faults than other classes. We show that in almost all releases of the three systems, classes having dependencies with anti-patterns are more fault-prone than others while this is not always true for classes with dependencies with design patterns. We also observe that structural changes are the most common changes impacting classes having dependencies with anti-patterns. Software developers could use this knowledge about the impact of design pattern and anti-pattern dependencies to better focus their testing and reviewing activities towards the most risky classes and to propagate changes adequately.

Leveraging historical co-change information for requirements traceability

Requirements traceability (RT) links requirements to the corresponding source code entities, which implement them. Information Retrieval (IR) based RT links recovery approaches are often used to automatically recover RT links. However, such approaches exhibit low accuracy, in terms of precision, recall, and ranking. This paper presents an approach (CoChaIR), complementary to existing IR-based RT links recovery approaches. CoChaIR leverages historical co-change information of files to improve the accuracy of IR-based RT links recovery approaches. We evaluated the effectiveness of CoChaIR on three datasets, i.e., iTrust, Pooka, and SIP Communicator. We compared CoChaIR with two different IR-based RT links recovery approaches, i.e., vector space model and Jensen-Shannon divergence model. Our study results show that CoChaIR significantly improves precision and recall by up to 12.38% and 5.67% respectively; while decreasing the rank of true positive links by up to 48% and reducing false positive links by up to 44%.

FCFraud: Fighting Click-Fraud from the User Side

Pay-Per-Click (PPC) ad networks charge advertisers for every click on their ads. Click-fraud happens when a user or an automated software clicks on an ad with a malicious intent and advertisers need to pay for those valueless clicks. Click-fraud has been proved to be a serious problem for the online advertisement industry. Although it has attracted much attention from the security community, the direct victims of click-fraud, the advertisers, still lack confidence in the click-fraud detection techniques. Among many forms of click-fraud, botnets with the automated clickers are the most severe ones. In this paper, we present a technique for detecting automated clickers from the user side. Normal internet users are victimized by malicious attackers (e.g., bot-master of a botnet) and the attackers infect and use their machines to defraud advertisers. We propose a technique to Fight Click-Fraud, FCFraud, which can be integrated into the operating system. Since most modern operating systems already provide some kind of anti-malware service, our proposed technique can be implemented with a negligible overhead. We believe that an effective protection at the operating system level can save billions of dollars of the advertisers. Experiments show that FCFraud is 99.6% accurate in classifying ad requests from all user processes and it is 100% successful in finding the fraudulent processes.

Anti-pattern Mutations and Fault-proneness

Software evolution and development are continuous activities that have a never-ending cycle. While developers commit changes on a software system to fix bugs or to implement new requirements, they sometimes introduce anti-patterns, which are bad solutions to recurring design problems in the system. Many previous studies have shown that these anti-patterns have negative effects on code quality, in particular fault-proneness. However, it is not clear if and how anti-patterns evolve and which evolutionary behaviours are more fault-prone. This paper presents results from an empirical study aimed at understanding the evolution of anti-patterns in 27 releases of three open-source software systems: ArgoUML, Mylyn, and Rhino. Specifically, the study analyzes the mutations of anti-patterns, the changes that they undergo, and the relation between anti-pattern evolution behaviours and fault-proneness. Results show that (1) anti-patterns mutate from one type of anti-patterns to another, (2) structural changes are behind these mutations, and (3) some mutations are more risky in terms of fault-proneness.

On the Relationship between Program Evolution and Fault-Proneness: An Empirical Study

Over the years, many researchers have studied the evolution and maintenance of object-oriented source code in order to understand the possibly costly erosion of the software. However, many studies thus far did not link the evolution of classes to faults. Since (1) some classes evolve independently, other classes have to do it together with others (co-evolution), and (2) not all classes are meant to last forever, but some are meant for experimentation or to try out an idea that was then dropped or modified. In this paper, we group classes based on their evolution to infer their lifetime models and coevolution trends. Then, we link each groups evolution to faults. We create phylogenetic trees showing the evolutionary history of programs and we use such trees to facilitate spotting the program code decay. We perform an empirical study, on three open-source programs: ArgoUML, JFreechart, and XercesJ, to examine the relation between the evolution of object-oriented source code at class level and fault-proneness. Our results indicate that (1) classes having a specific lifetime model are significantly less fault-prone than other classes and (2) faults fixed by maintaining co-evolved classes are significantly more frequent than faults fixed using not co-evolved classes.

On the analysis of evolution of software artefacts and programs

The literature describes several approaches to identify the artefacts of programs that evolve together to reveal the (hidden) dependencies among these artefacts and to infer and describe their evolution trends. We propose the use of biological methods to group artefacts, to detect co-evolution among them, and to construct their phylogenic trees to express their evolution trends. First, we introduced the novel concepts of macro co-changes (MCCs), i.e., of artefacts that co-change within a large time interval and of dephase macro co-changes (DMCCs), i.e., macro co-changes that always happen with the same shifts in time. We developed an approach, Macocha, to identify these new patterns of artefacts co-evolution in large programs. Now, we are analysing the evolution of classes playing roles in design patterns and - or antipatterns. In parallel to previous work, we are detecting what classes are in macro co-change or in dephase macro co-change with the design motifs. Results try to show that classes playing roles in design motifs have specifics evolution trends. Finally, we are implementing an approach, Profilo, to achieve the analysis of the evolution of artefacts and versions of large object-oriented programs. Profilo creates a phylogenic tree of different versions of program that describes versions evolution and the relation among versions and programs. We will, also, evaluate the usefulness of our tools using lab and field studies.

On the Analysis of Co-Occurrence of Anti-Patterns and Clones

In software engineering, a smell is a part of a software system’s source code with a poor quality and that may indicate a deeper problem. Although many kinds of smells have been studied to analyze their causes, their behavior, and their impact on software quality, those smells typically are studied independently from each other. However, if two smells coincide inside a class, this could increases their negative effect (e.g., spaghetti code that is being cloned across the system). In this paper we report results from an empirical study conducted to examine the relationship between two specific kinds of smells: code clones and antipatterns. We conducted our study on three open-source software systems: Azureus, Eclipse, and JHotDraw. Results show that between 32% and 63% of classes in the analysed systems present co-occurrence of smells, and that such classes are more risky in term of fault-proneness.