• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.147-155
• /
• 2010

It has been widely addressed that static analysis techniques can play important role in identifying potential security vulnerability reside in source code. This paper proposes the design and application of security metrics that use both vulnerability information extracted from the static analysis, and significant factors of information that software handles. The security metrics are useful for both developers and evaluators in that the metrics help them identity source code vulnerability in early stage of development. By effectively utilizing the security metrics, evaluators can check the level of source code security, and confirm the final code depending on the characteristics of the source code and the security level of information required.

• Journal of Information Processing Systems
• /
• v.16 no.4
• /
• pp.915-934
• /
• 2020

Software refactoring is a process to restructure an existing software code while keeping its external behavior the same. Currently, various refactoring techniques are being used to develop more readable and less complex codes by improving the non-functional attributes of software. Refactoring can further improve code maintainability by applying various techniques to the source code, which in turn preserves the behavior of code. Refactoring facilitates bug removal and extends the capabilities of the program. In this paper, an exhaustive review is conducted regarding bad smells present in source code, applications of specific refactoring methods to remove that bad smell and its effect on software quality. A total of 68 studies belonging to 32 journals, 31 conferences, and 5 other sources that were published between the years 2001 and 2019 were shortlisted. The studies were analyzed based on of bad smells identified, refactoring techniques used, and their effects on software metrics. We found that "long method", "feature envy", and "data class" bad smells were identified or corrected in the majority of studies. "Feature envy" smell was detected in 36.66% of the total shortlisted studies. Extract class refactoring approach was used in 38.77% of the total studies, followed by the move method and extract method techniques that were used in 34.69% and 30.61% of the total studies, respectively. The effects of refactoring on complexity and coupling metrics of software were also analyzed in the majority of studies, i.e., 29 studies each. Interestingly, the majority of selected studies (41%) used large open source datasets written in Java language instead of proprietary software. At the end, this study provides future guidelines for conducting research in the field of code refactoring.

• Journal of the Korea Convergence Society
• /
• v.12 no.9
• /
• pp.11-19
• /
• 2021

A software system is required to change during its life cycle due to various requirements such as adding functionalities, fixing bugs, and adjusting to new computing environments. Such program code modification should be considered as carefully as a new system development becase unexpected software errors could be introduced. In addition, when reusing open source programs, we can expect higher quality software if code changes of the open source program are predicted in advance. This paper proposes a Convolutional Neural Network (CNN)-based deep learning model to predict source code changes. In this paper, the prediction of code changes is considered as a kind of a binary classification problem in deep learning and labeled datasets are used for supervised learning. Java projects and code change logs are collected from GitHub for training and testing datasets. Software metrics are computed from the collected Java source code and they are used as input data for the proposed model to detect code changes. The performance of the proposed model has been measured by using evaluation metrics such as precision, recall, F1-score, and accuracy. The experimental results show the proposed CNN model has achieved 95% in terms of F1-Score and outperformed the multilayer percept-based DNN model whose F1-Score is 92%.

• Asia pacific journal of information systems
• /
• v.30 no.3
• /
• pp.457-496
• /
• 2020

This study aims to extensively analyze the performance of various Machine Learning (ML) techniques for predicting version to version change-proneness of source code Java files. 17 object-oriented metrics have been utilized in this work for predicting change-prone files using 31 ML techniques and the framework proposed has been implemented on various consecutive releases of two Java-based software projects available as plug-ins. 10-fold and inter-release validation methods have been employed to validate the models and statistical tests provide supplementary information regarding the reliability and significance of the results. The results of experiments conducted in this article indicate that the ML techniques perform differently under the different validation settings. The results also confirm the proficiency of the selected ML techniques in lieu of developing change-proneness prediction models which could aid the software engineers in the initial stages of software development for classifying change-prone Java files of a software, in turn aiding in the trend estimation of change-proneness over future versions.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.4 no.4
• /
• pp.346-351
• /
• 2003

In spite of the size and complexity of software becomes large and complicated, the demand of rapid development, cost reduction, good productivity and good quality software is increasing in these days. Many methods were proposed for efficient software development such as various Case tools. Metrics, Process improvement model (CMM, SPICE, ISO9000) and etc. However, most of them we useful to manage the whole projects rather than an individual programming. In this paper, we introduced a system for quality assessment and complexity metrics for Java programs to assess the individual programmer's quality rather than team's quality. This system shows not only the metrics value for quality assessment but also the source code and the soucture of classes simultaneously.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.8
• /
• pp.65-75
• /
• 2016

In this paper, we present a novel approach to help MSR researchers obtain necessary data with a tool, termed General Purpose Extractor for Source code (GPES). GPES has a single function extracts high-quality data, e.g., the version history, abstract syntax tree (AST), changed code diff, and software quality metrics. Moreover, features such as an AST of other languages or new software metrics can be extended easily given that GPES has a flexible data model and a component-based design. We conducted several case studies to evaluate the usefulness and effectiveness of our tool. Case studies show that researchers can reduce the overall cost of data analysis by transforming the data into the required formats.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.5
• /
• pp.199-206
• /
• 2023

The current software becomes the huge size of source codes. Therefore it is increasing the importance and necessity of static analysis for high-quality product. With static analysis of the code, it needs to identify the defect and complexity of the code. Through visualizing these problems, we make it guild for developers and stakeholders to understand these problems in the source codes. Our previous visualization research focused only on the process of storing information of the results of static analysis into the Database tables, querying the calculations for quality indicators (CK Metrics, Coupling, Number of function calls, Bad-smell), and then finally visualizing the extracted information. This approach has some limitations in that it takes a lot of time and space to analyze a code using information extracted from it through static analysis. That is since the tables are not normalized, it may occur to spend space and time when the tables(classes, functions, attributes, Etc.) are joined to extract information inside the code. To solve these problems, we propose a regularized design of the database tables, an extraction mechanism for quality metric indicators inside the code, and then a visualization with the extracted quality indicators on the code. Through this mechanism, we expect that the code visualization process will be optimized and that developers will be able to guide the modules that need refactoring. In the future, we will conduct learning of some parts of this process.

• Journal of Multimedia Information System
• /
• v.4 no.4
• /
• pp.255-262
• /
• 2017

In recent software development, repetitive code fragments (i.e., clones) are common due to the copy-and-paste programming practice, the framework-based development, or the reuse of same design patterns. Such similar code fragments are likely to introduce more bugs but are easily disregarded by a code reviewer or a programmer. In this paper, we present a code review tool to help code reviewers identify important code changes written by other programmers and recommend which changes need to be reviewed first. Specifically, to identify important code changes, our approach detects code clones across revisions and investigates them. Then, to help a code reviewer, our approach ranks the identified changes in accordance with several software quality metrics and statistics on those clones and changes. Furthermore, our approach allows the code reviewer to express their preferences during code review time. As a result, the code reviewer who has little knowledge of a code base can reduce his or her effort by reviewing the most significant changes that require an instant attention. To evaluate our approach, we integrated our approach with a modern IDE (e.g., Eclipse) as a plugin and then analyzed two third-party open source projects. The experimental results indicate that our approach can improve code reviewer's productivity.

• Journal of KIISE
• /
• v.43 no.12
• /
• pp.1334-1341
• /
• 2016

In recent years, the importance of managing software defects in the implementation stage has emerged because of the rapid development and wide-range usage of intelligent smart devices. Even if not a few studies have been conducted on the prediction models for software defects, their outcomes have not been widely shared. This paper proposes an efficient probabilistic management model of software metrics based on the Bayesian network, to overcome limits such as binary defect prediction models. We expect the proposed model to configure the Bayesian network by taking advantage of various software metrics, which can help in identifying improvements for refactoring. Once the source code has improved through code refactoring, the measured related metric values will also change. The proposed model presents probability values reflecting the effects after defect removal, which can be achieved by improving metrics through refactoring. This model could cope with the conclusive binary predictions, and consequently secure flexibilities on decision making, using indeterminate probability values.

• Journal of Digital Convergence
• /
• v.11 no.7
• /
• pp.165-171
• /
• 2013

Coding patterns that appeared frequently in the source code is a typical piece of code. The functionality that difficult to modularize, such as logging or synchronization processing, and the useful sentences in programming is extracted in software as codding pattern. Large-scale software could not be analyzed fully because the number of coding pattern that can be manually investigated is limited. In this paper, the characteristics of coding patterns perform the evaluation. The goal is to extract for codding-pattern to analyzed by developer. We was selected 6 indicators and performed analysis of 4 open-source. Matrix relations between the values and characteristics of the actual pattern analysis, pattern instances, the width of the distribution of instances, the pattern repeating structure of the elements included in the rates should be analyzed for patterns and indicators that help in choosing was confirmed.