Sound non-statistical clustering of static analysis alarms

Woosuk Lee; Wonchan Lee; Dongok Kang; Kihong Heo; Hakjoo Oh; Kwangkeun Yi

doi:10.1145/3095021

Sound non-statistical clustering of static analysis alarms

Woosuk Lee, Wonchan Lee, Dongok Kang, Kihong Heo, Hakjoo Oh, Kwangkeun Yi

Research output: Contribution to journal › Article

3 Citations (Scopus)

Abstract

We present a sound method for clustering alarms from static analyzers. Our method clusters alarms by discovering sound dependencies between them such that if the dominant alarms of a cluster turns out to be false, all the other alarms in the same cluster are guaranteed to be false. We have implemented our clustering algorithm on top of a realistic buffer-overflow analyzer and proved that our method reduces 45% of alarm reports. Our framework is applicable to any abstract interpretation-based static analysis and orthogonal to abstraction refinements and statistical ranking schemes.

Original language	English
Article number	16
Journal	ACM Transactions on Programming Languages and Systems
Volume	39
Issue number	4
DOIs	https://doi.org/10.1145/3095021
Publication status	Published - 2017 Aug 1

Fingerprint

Keywords

Abstract interpretation
False alarms
Static analysis

ASJC Scopus subject areas

Software

Cite this

Lee, W., Lee, W., Kang, D., Heo, K., Oh, H., & Yi, K. (2017). Sound non-statistical clustering of static analysis alarms. ACM Transactions on Programming Languages and Systems, 39(4), [16]. https://doi.org/10.1145/3095021

@article{21adebd14fc34f45a393a01afa814a63,

title = "Sound non-statistical clustering of static analysis alarms",

abstract = "We present a sound method for clustering alarms from static analyzers. Our method clusters alarms by discovering sound dependencies between them such that if the dominant alarms of a cluster turns out to be false, all the other alarms in the same cluster are guaranteed to be false. We have implemented our clustering algorithm on top of a realistic buffer-overflow analyzer and proved that our method reduces 45% of alarm reports. Our framework is applicable to any abstract interpretation-based static analysis and orthogonal to abstraction refinements and statistical ranking schemes.",

keywords = "Abstract interpretation, False alarms, Static analysis",

author = "Woosuk Lee and Wonchan Lee and Dongok Kang and Kihong Heo and Hakjoo Oh and Kwangkeun Yi",

year = "2017",

month = aug,

day = "1",

doi = "10.1145/3095021",

language = "English",

volume = "39",

journal = "ACM Transactions on Programming Languages and Systems",

issn = "0164-0925",

publisher = "Association for Computing Machinery (ACM)",

number = "4",

}

TY - JOUR

T1 - Sound non-statistical clustering of static analysis alarms

AU - Lee, Woosuk

AU - Lee, Wonchan

AU - Kang, Dongok

AU - Heo, Kihong

AU - Oh, Hakjoo

AU - Yi, Kwangkeun

PY - 2017/8/1

Y1 - 2017/8/1

N2 - We present a sound method for clustering alarms from static analyzers. Our method clusters alarms by discovering sound dependencies between them such that if the dominant alarms of a cluster turns out to be false, all the other alarms in the same cluster are guaranteed to be false. We have implemented our clustering algorithm on top of a realistic buffer-overflow analyzer and proved that our method reduces 45% of alarm reports. Our framework is applicable to any abstract interpretation-based static analysis and orthogonal to abstraction refinements and statistical ranking schemes.

AB - We present a sound method for clustering alarms from static analyzers. Our method clusters alarms by discovering sound dependencies between them such that if the dominant alarms of a cluster turns out to be false, all the other alarms in the same cluster are guaranteed to be false. We have implemented our clustering algorithm on top of a realistic buffer-overflow analyzer and proved that our method reduces 45% of alarm reports. Our framework is applicable to any abstract interpretation-based static analysis and orthogonal to abstraction refinements and statistical ranking schemes.

KW - Abstract interpretation

KW - False alarms

KW - Static analysis

UR - http://www.scopus.com/inward/record.url?scp=85028504442&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85028504442&partnerID=8YFLogxK

U2 - 10.1145/3095021

DO - 10.1145/3095021

M3 - Article

AN - SCOPUS:85028504442

VL - 39

JO - ACM Transactions on Programming Languages and Systems

JF - ACM Transactions on Programming Languages and Systems

SN - 0164-0925

IS - 4

M1 - 16

ER -

Access to Document

10.1145/3095021