RTFM! Automatic Assumption Discovery and Verification Derivation from Library Document for API Misuse Detection.
Published in CCS, 2020
This research utilizes sentimental analysis to recover APIs’ integration assumptions (IAs) from documentation and translates them to verification code for a compliance check on the softwares integrating these IAs. We implemented this design and evaluated it on 5 popular libraries (OpenSSL, SQLite, libpcap, libdbus and libxml2) and 39 realworld applications. 193 API misuses were detected at the end.
Recommended citation: Tao Lv, Ruishi Li, Yi Yang, Kai Chen, Xiaojing Liao, XiaoFeng Wang, Peiwei Hu, and Luyi Xing. 2020. RTFM! Automatic Assumption Discovery and Verification Derivation from Library Document for API Misuse Detection. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS ‘20). Association for Computing Machinery, New York, NY, USA, 1837–1852. DOI:https://doi.org/10.1145/3372297.3423360