Applying static analysis for automated extraction of database interactions in web applications

Authors:
Minh Ngoc Ngo;Hee Beng Kuan Tan
Affiliations:
School of Electrical and Electronics Engineering, Nanyang Technological University, Nanyang Avenue, Singapore 639798, Singapore;School of Electrical and Electronics Engineering, Nanyang Technological University, Nanyang Avenue, Singapore 639798, Singapore
Venue:
Information and Software Technology
Year:
2008

Citing 24
Cited 3

Using Program Slicing in Software Maintenance

IEEE Transactions on Software Engineering
Extracting Reusable Functions by Flow Graph-Based Program Slicing

IEEE Transactions on Software Engineering
Program and interface slicing for reverse engineering

ICSE '93 Proceedings of the 15th international conference on Software Engineering
An approach for extracting code fragments that implement functionality from source programs

Journal of Software Maintenance: Research and Practice
Analysis and testing of Web applications

ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
Evaluating the reverse engineering capabilities of Web tools for understanding site content and structure: a case study

ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
Architecture recovery of web applications

Proceedings of the 24th International Conference on Software Engineering
Understanding and Restructuring Web Sites with ReWeb

IEEE MultiMedia
On 'A Framework for Source Code Search Using Program Patterns'

IEEE Transactions on Software Engineering
Locating Features in Source Code

IEEE Transactions on Software Engineering
Interprocedural Dynamic Slicing Applied to Interprocedural Data How Testing

ICSM '93 Proceedings of the Conference on Software Maintenance
WARE: A Tool for the Reverse Engineering of Web Applications

CSMR '02 Proceedings of the 6th European Conference on Software Maintenance and Reengineering
Locating Program Features using Execution Slices

ASSET '99 Proceedings of the 1999 IEEE Symposium on Application - Specific Systems and Software Engineering and Technology
Program slicing

ICSE '81 Proceedings of the 5th international conference on Software engineering
Pattern matching for design concept localization

WCRE '95 Proceedings of the Second Working Conference on Reverse Engineering
A family of test adequacy criteria for database-driven applications

Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
On Modeling Software Architecture Recovery as Graph Matching

ICSM '03 Proceedings of the International Conference on Software Maintenance
Understanding Web Applications through Dynamic Analysis

IWPC '04 Proceedings of the 12th IEEE International Workshop on Program Comprehension
Advanced Slicing of Sequential and Concurrent Programs

ICSM '04 Proceedings of the 20th IEEE International Conference on Software Maintenance
A Scalable Approach to User-Session based Testing of Web Applications through Concept Analysis

Proceedings of the 19th IEEE international conference on Automated software engineering
Refining code-design mapping with flow analysis

Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
Automated Extraction of Database Interactions in Web Applications

ICPC '06 Proceedings of the 14th IEEE International Conference on Program Comprehension
Symbolic Evaluation and the Analysis of Programs

IEEE Transactions on Software Engineering
Program Slicing

IEEE Transactions on Software Engineering

Empirical-based recovery and maintenance of input error-correction features

Journal of Software Maintenance and Evolution: Research and Practice
Database semantics recovery through analysis of dynamic SQL statements

Journal on data semantics XV
Aiding Maintenance of Database Applications Through Extracting Attribute Dependency Graph

Journal of Database Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Database interactions are among the most essential functional features in web applications. Therefore, for the testing and maintenance of a web application, it is important that the web engineer could identify all the database interactions in the web application. However, the highly dynamic nature of web applications makes it challenging to extract all the possible database interactions from source code. In this paper, we propose an automated approach to extract database interactions from source code by using symbolic execution and inference rules. Our approach automatically identifies all the possible database interaction points. After that, all the program paths, which pass through each interaction point, are also computed. Each of these paths is then symbolically executed following our proposed symbolic evaluation rules. We also develop inference rules to deduce the interaction types from the set of symbolic expressions derived during the symbolic execution. Experiments have been conducted to evaluate the performance and usefulness of the proposed approach. The results indicate that even with some limitations in handling function calls, pointers and polymorphism, our approach still gives an average precision of 79.2%, which is 45.4% more than that of the conservative approach.