Specification Mining with Few False Positives. TACAS '09: Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, held as part of the Joint European Conferences on Theory and Practice of Software (ETAPS 2009).

Automatic inference of abstract type behavior. Proceedings of the IEEE/ACM International Conference on Automated Software Engineering.

Automatic inference of model fields and their representation. Proceedings of the 13th Workshop on Formal Techniques for Java-Like Programs.
We present an algorithm by which mutually distrusting parties can work together to learn program specifications while preserving their privacy. These specifications describe security policies and correct API usage rules. By sharing data, parties are able to discover more specifications, and thus find more software bugs, than if they never shared data. However, because sharing data breaches privacy, we present a way for parties to perturb and publish their data and still discover more specifications and bugs than if they had never shared it. In aggregate, these perturbed traces can be analyzed to learn correct specifications of program behavior. The perturbed traces cannot, however, be analyzed to determine that one party contributed buggier traces than another. The learned specifications are of benefit to all parties. Despite the noise introduced to safeguard privacy, our algorithm typically learns specifications that find 85% of the bugs that a no-privacy approach would find. A lack of traces is a critical obstacle to practical specification mining; we present an approach for privately sharing traces that yields a large public and private benefit.