跳到主要內容

臺灣博碩士論文加值系統

(44.211.26.178) 您好!臺灣時間:2024/06/15 03:08
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:蔡孟翰
研究生(外文):Meng-Han Tsai
論文名稱:基於威脅分類技術之自動化網路攻擊識別與惡意程式行為分析
論文名稱(外文):Automated Network Attack Identification and Malware Behavior Profiling Through Cyber Threat Classification
指導教授:雷欽隆雷欽隆引用關係
指導教授(外文):Chin-Laung Lei
口試委員:顏嗣鈞王勝德蕭旭君鄧惟中紀博文
口試委員(外文):Hsu-chun YenSheng-De WangHsu-Chun HsiaoWei-Chung TengPo-Wen Chi
口試日期:2023-01-12
學位類別:博士
校院名稱:國立臺灣大學
系所名稱:電機工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2023
畢業學年度:111
論文頁數:90
中文關鍵詞:網路安全使用者與實體行為分析機器學習深度學習PowerShell反混淆抽象語法樹多標籤分類
外文關鍵詞:Network SecurityUser and Entity Behavior AnalyticsMachine LearningDeep LearningPowerShell De-ObfuscationAbstract Syntax TreeMulti-label Classification
DOI:10.6342/NTU202300207
相關次數:
  • 被引用被引用:0
  • 點閱點閱:271
  • 評分評分:
  • 下載下載:59
  • 收藏至我的研究室書目清單書目收藏:0
隨著網際網路的快速發展,資訊安全已變得越來越重要。而網路攻擊和惡意程式日益增多之趨勢,則對企業和組織構成了重大威脅。網路罪犯利用各種網路協定發動攻擊,例如:暴力破解與分散式阻斷服務攻擊,同時將其惡意活動隱藏在看似無害的全球資訊網(WWW)與網域名稱系統(DNS)流量之中。此外,惡意程式作者利用混淆技術與變型引擎,開發新一代惡意程式,導致惡意程式和惡意腳本,例如:PowerShell指令(PSCmds)的數量顯著增加。鑑於網路攻擊和惡意程式造成的嚴重資安威脅,如何經濟實惠且有效地分類受駭主機、識別內部威脅及辨識惡意程式行為以進行鑑識分析正成為企業和組織的主要關注重點。

另一方面,新興技術如機器學習(ML)與深度學習(DL)越來越受歡迎,近期已證明具有提供創新解決方案以應對資訊安全挑戰之潛力。本論文中,我們利用機器學習演算法和深度學習架構之進步,解決網路攻擊識別和惡意程式行為分析等問題。通過將機器學習或深度學習結合開源威脅情報(OSINT)與程式分析,我們提出實用的自動化方法藉由威脅分類技術檢測網路攻擊和惡意程式行為。我們提出的解決方案旨在降低識別處理資安威脅之成本,同時還提供對威脅表徵之深入理解,進而強化檢測並使我們可領先於新興威脅。

在網路攻擊識別的研究中,我們提出兩個識別網路攻擊的框架。第一個框架透過使用者與實體行為分析(UEBA)以及自動編碼器(Autoencoder)模型,將網路內的受駭主機進行分類,自動編碼器模型通過結合受駭主機靜態服務資訊和動態網路活動的三維特徵向量來識別網路威脅。第二個框架則使用DNS沉洞伺服器(Sinkhole)的開源威脅情報來關聯內部網路日誌資料,以識別內部網路威脅。以上兩個框架皆提供了創新方法以檢測和減輕企業網路中的資安威脅。

在惡意程式行為分析的研究中,我們提出一個結合深度學習和程式分析的混合框架,用於自動化反混淆PowerShell指令與行為分析(PowerDP)。 PowerDP同時在使用「字元分布特徵」對不同混淆類型進行分類以及使用抽象語法樹(AST)的「實值向量表示」進行惡意行為檢測方面皆表現出優越的性能。因此,資安分析人員可以使用此自動化機制以揭露出惡意程式衍生的PowerShell指令背後的攻擊意圖,並簡化惡意程式與鑑識分析之流程。
With the rapid growth of the Internet, cybersecurity has become increasingly important. The growing trend of network attacks and malicious software (malware) presents a significant threat to businesses and organizations. Cybercriminals employ various network protocols to launch attacks, such as brute force and Distributed Denial-of-Service (DDoS), while hiding their malicious activities in seemingly innocuous World Wide Web (WWW) and Domain Name System (DNS) traffic. In addition, the use of obfuscation techniques and metamorphic engines by malware authors has enabled the development of new malware generations, leading to a notable increase in the number of malware and scripts, e.g., PowerShell Commands (PSCmds). Given the severe cyber threats posed by network attacks and malware, cost-effectively categorizing network infections, identifying internal threats, and profiling malware behavior for forensic analysis are becoming primary concerns for businesses and organizations.

On the other hand, emerging techniques such as Machine Learning (ML) and Deep Learning (DL) are gaining popularity and recently demonstrating the potential to provide innovative solutions to cybersecurity challenges. In this dissertation, we have utilized the advances in machine learning algorithms and deep learning architectures to tackle the issues of identifying network attacks and profiling malware behavior. By combining ML/DL techniques with Open-Source threat Intelligence (OSINT) and program analysis, we have developed practical and automated methods to categorize network attacks and create malware behavioral profiles through cyber threat classification. Our proposed solutions aim to reduce the cost of identifying and responding to cyber threats while also providing a deeper understanding of threat representations for enhanced detection capabilities and enabling us to stay ahead of new threats.

To identify network attacks, we propose two frameworks. The first framework uses User and Entity Behavior Analytics (UEBA) to categorize infections within a network by combining static service information and dynamic network activities from an infected host in a three-dimensional feature vector with an autoencoder model. The second framework uses OSINT from DNS sinkhole servers to correlate internal network logs and identify internal threats. These frameworks provide innovative approaches for detecting and mitigating cyber threats in corporate networks.

In the field of malware behavior profiling, we introduce a hybrid framework combining DL and program analysis for automatic PowerShell De-obfuscation and behavioral Profiling (PowerDP). PowerDP achieves superior performance in classifying different obfuscation types using “character distribution features” and detecting malicious behaviors through “real-valued vector representations” from the Abstract Syntax Tree (AST). As a result, security analysts can use this automation mechanism to uncover the malicious intent behind malware-derived PSCmds and streamline the process of malware and forensics analysis.
口試委員會審定書 i
誌謝 iii
中文摘要 v
Abstract vii
Contents ix
List of Figures xiii
List of Tables xv
Chapter 1 Introduction 1
Chapter 2 Preliminaries and Related Works 5
2.1 Threat Identification 5
2.1.1 Related Works 9
2.1.1.1 OSINT-based Threat Identification 9
2.1.1.2 DNS-based Threat Identification 10
2.2 Malware Analysis 11
2.2.1 Related Works 16
2.2.1.1 Detection of Malicious PowerShell 17
2.2.1.2 De-Obfuscation of Malicious PowerShell 19
Chapter 3 Network Attack Identification 21
3.1 Infection Categorization Using Deep Autoencoder 22
3.1.1 The Proposed Framework 23
3.1.1.1 System Overview 24
3.1.2 The Dataset 26
3.1.3 Experiments 27
3.1.4 Summary 30
3.2 Uncovering Internal Threats Based on Open-source Intelligence 31
3.2.1 The Proposed Framework 33
3.2.1.1 System Overview 34
3.2.2 The Dataset 37
3.2.3 Experiments 37
3.2.4 Summary 39
Chapter 4 Malware Behavior Profiling 41
4.1 De-Obfuscating and Profiling Malicious PowerShell Commands With Multi-LabelClassifiers 42
4.1.1 The Proposed Framework 45
4.1.1.1 System Overview 45
4.1.1.2 De-Obfuscating PowerShell Commands 47
4.1.1.3 ProfilingPowerShellCommands 51
4.1.2 The Dataset 54
4.1.3 Experiments 57
4.1.3.1 Evaluation Methodology 58
4.1.3.2 Evaluation Results 62
4.1.4 Summary 68
Chapter 5 Conclusions and Future Works 71
References 77
Appendix A - Examples of Obfuscated PowerShell Commands (PSCmds) 87
A.1 Compression 87
A.2 Encoding Scheme 87
A.3 Encoding Scheme with Helper Function 89
A.4 String Manipulation with Helper Function 89
J. J. George and D. E. Leidner, “From clicktivism to hacktivism: Understanding digital activism,” Inf. Org., vol. 29, no. 3, 2019. Art. no. 100249.
S. Afroz, V. Garg, D. McCoy, and R. Greenstadt, “Honor among thieves: A common’s analysis of cybercrime economies,” in Proc. 8th IEEE APWG eCrime Res. Summit (eCRS), pp. 1–11, IEEE, 2013.
I. Ghafir, V. Prenosil, M. Hammoudeh, F. J. Aparicio-Navarro, K. Rabie, and A.Jabban, “Disguised executable files in spear-phishing emails: Detecting the point of entry in advanced persistent threat,” in Proc. 2nd Int. Conf. Future Netw. Distrib. Syst. (ICFNDS), pp. 1–5, ACM, 2018.
D. Bohannon and L. Holmes, “Revoke-obfuscation: Powershell obfuscation detection using science,” in Proc. Black Hat USA, pp. 1–20, FireEye, 2017.
T. Kim, B. Kang, M. Rho, S. Sezer, and E. G. Im, “A multimodal deep learning method for android malware detection using various features,” IEEE Trans. Inf. Forensics Security, vol. 14, no. 3, pp. 773–788, 2018.
Y. Shen and G. Stringhini, “{ATTACK2VEC}: Leveraging temporal word embeddings to understand the evolution of cyberattacks,” in Proc. 28th USENIX Secur. Symp., pp. 905–921, USENIX Association, 2019.
S. Ndichu, S. Kim, and S. Ozawa, “Deobfuscation, unpacking, and decoding of obfuscated malicious javascript for machine learning models detection performance improvement,” CAAI Trans. Intell. Technol., vol. 5, no. 3, pp. 184–192, 2020.
B. Mukherjee, L. T. Heberlein, and K. N. Levitt, “Network intrusion detection,” IEEE network, vol. 8, no. 3, pp. 26–41, 1994.
K.-C. Lee, C.-H. Hsieh, L.-J. Wei, C.-H. Mao, J.-H. Dai, and Y.-T. Kuang, “Secbuzzer: cyber security emerging topic mining with open threat intelligence retrieval and timeline event annotation,” Soft Comput., vol. 21, no. 11, pp. 2883–2896, 2017.
L. Bilge, S. Sen, D. Balzarotti, E. Kirda, and C. Kruegel, “Exposure: A passive dns analysis service to detect and report malicious domains,” ACM Trans. Inf. Sys. Secur., vol. 16, no. 4, pp. 1–28, 2014.
W. Tounsi and H. Rais, “A survey on technical threat intelligence in the age of sophisticated cyber attacks,” Comput. Secur., vol. 72, pp. 212–233, 2018.
T. D. Wagner, K. Mahbub, E. Palomar, and A. E. Abdallah, “Cyber threat intelligence sharing: Survey and research directions,” Comput. Secur., vol. 87, 2019. Art. no. 101589.
J. Grisham, S. Samtani, M. Patton, and H. Chen, “Identifying mobile malware and key threat actors in online hacker forums for proactive cyber threat intelligence,” in Proc. 2017 IEEE Int. Conf. Intell. Secur. informatics (ISI), pp. 13–18, IEEE, 2017.
S. Lee and T. Shon, “Open source intelligence base cyber threat inspection framework for critical infrastructures,” in Proc. 2016 Future Technol. Conf. (FTC), pp. 1030–1033, IEEE, 2016.
X. Ma, J. Zhang, J. Tao, J. Li, J. Tian, and X. Guan, “Dnsradar: Outsourcing malicious domain detection based on distributed cache-footprints,” IEEE Trans. Inf. Forensics Security, vol. 9, no. 11, pp. 1906–1921, 2014.
G. Zhao, K. Xu, L. Xu, and B. Wu, “Detecting apt malware infections based on malicious dns and traffic analysis,” IEEE Access, vol. 3, pp. 1132–1142, 2015.
B. Rahbarinia, R. Perdisci, and M. Antonakakis, “Segugio: Efficient behavior-based tracking of malware-control domains in large isp networks,” in Proc. 45th Annu. IEEE/IFIP Int. Conf. Dependable Sys. Netw. (DSN), pp. 403–414, IEEE, 2015.
B. Rahbarinia, R. Perdisci, M. Antonakakis, and D. Dagon, “Sinkminer: Mining botnet sinkholes for fun and profit,” in Proc. 6th USENIX Workshop Large-Scale Exploits Emergent Threats (LEET), 2013.
M. Antonakakis, R. Perdisci, D. Dagon, W. Lee, and N. Feamster, “Building a dynamic reputation system for dns,” in Proc. 19th USENIX Secur. Symp. (USENIX Security 10), 2010.
M. R. Smith, N. T. Johnson, J. B. Ingram, A. J. Carbajal, B. I. Haus, E. Domschot, R. Ramyaa, C. C. Lamb, S. J. Verzi, and W. P. Kegelmeyer, “Mind the gap: On bridging the semantic gap between machine learning and malware analysis,” in Proc. 13th ACM Work. Artif. Intell. Secur. (AISec), pp. 49–60, ACM, 2020.
S. Kumar et al., “An emerging threat fileless malware: a survey and research challenges,” Cybersecurity, vol. 3, no. 1, pp. 1–12, 2020.
F. Barr-Smith, X. Ugarte-Pedrero, M. Graziano, R. Spolaor, and I. Martinovic, “Survivalism: Systematic analysis of windows malware living-off-the-land,” in Proc. 42nd IEEE Symp. Secur. Privacy (SP), pp. 1557–1574, IEEE, 2021.
D. Bohannon, “Invoke-obfuscation: Powershell obfusk8tion techniques & how to (try to) d””e‘tec‘t ’th’+’em’,” in Proc. DerbyCon, 2016. Accessed: Nov. 23, 2022. [Online]. Available: https://www.danielbohannon.com/blog-1/2016/9/25/invoke-obfuscation-public-release.
D. Ugarte, D. Maiorca, F. Cara, and G. Giacinto, “Powerdrive: Accurate de-obfuscation and analysis of powershell malware,” in Proc. 16th Int. Conf. Detection Intrusions Malware, Vulnerability Assessment (DIMVA), pp. 240–259, Springer, 2019.
J. White, Practical Behavioral Profiling of PowerShell Scripts through Static Analysis (Part 1 - Part 3). Palo Alto Networks, 2019. Accessed: Nov. 23, 2022. [Online]. Available: https://unit42.paloaltonetworks.com/practical-behavioral-profiling-of-powershell-scripts-through-static-analysis-part-1/.
U. Alon, M. Zilberstein, O. Levy, and E. Yahav, “Code2vec: Learning distributed representations of code,” ACM Program. Lang., vol. 3, no. POPL, pp. 1–29, 2019.
W. Wang, Y. Zhang, Y. Sui, Y. Wan, Z. Zhao, J. Wu, P. S. Yu, and G. Xu, “Reinforcement-learning-guided source code summarization using hierarchical attention,” IEEE Trans. Softw. Eng., vol. 48, no. 1, pp. 102–119, 2022.
B. Gelman, B. Hoyle, J. Moore, J. Saxe, and D. Slater, “A language-agnostic model for semantic source code labeling,” in Proc. 1st Int. Work. Mach. Learn. Softw. Eng. Symbiosis (MASES), pp. 36–44, ACM, 2018.
R. Wang, H. Zhang, G. Lu, L. Lyu, and C. Lyu, “Fret: Functional reinforced transformer with bert for code summarization,” IEEE Access, vol. 8, pp. 135591–135604, 2020.
G. Tsoumakas and I. Katakis, “Multi-label classification: An overview,” Int. J. Data Warehousing Mining, vol. 3, no. 3, pp. 1–13, 2007.
J. Qiu, J. Zhang, W. Luo, L. Pan, S. Nepal, Y. Wang, and Y. Xiang, “A3cm: automatic capability annotation for android malware,” IEEE Access, vol. 7, pp. 147156–147168, 2019.
S. Mahdavifar, A. F. A. Kadir, R. Fatemi, D. Alhadidi, and A. A. Ghorbani, “Dynamic android malware category classification using semi-supervised deep learning,” in Proc. IEEE Int. Conf. Dependable, Autonomic and Secure Comput., Int. Conf. Pervasive Intell. Comput., Int. Conf. Cloud Big Data Comput., Int. Conf. Cyber Sci. Technol. Congr. (DASC/PiCom/CBDCom/CyberSciTech), pp. 515–522, IEEE, 2020.
F. N. Ducau, E. M. Rudd, T. M. Heppner, A. Long, and K. Berlin, “Automatic malware description via attribute tagging and similarity embedding,” arXiv.1905.06262, 2019. Accessed: Nov. 23, 2022.
D. Javaheri, P. Lalbakhsh, and M. Hosseinzadeh, “A novel method for detecting future generations of targeted and metamorphic malware based on genetic algorithm,” IEEE Access, vol. 9, pp. 69951–69970, 2021.
J.-Y. Kim and S.-B. Cho, “Obfuscated malware detection using deep generative model based on global/local features,” Comput. Secur., vol. 112, 2022. Art. no. 102501.
A. Rousseau, “Hijacking .net to defend powershell,” arXiv:1709.07508, 2017. Accessed: Nov. 23, 2022.
M. Manna, A. Case, A. Ali-Gombe, and G. G. Richard, “Memory analysis of .net and .net core applications,” Forensic Sci. Int., Digit. Invest., vol. 42, 2022. Art. no. 301404.
J. White, Pulling Back the Curtains on EncodedCommand PowerShell Attacks. Palo Alto Networks, 2017. Accessed: Nov. 23, 2022. [Online]. Available: https://unit42.paloaltonetworks.com/unit42-pulling-back-the-curtains-on-encodedcommand-powershell-attacks/.
G. Rusak, A. Al-Dujaili, and U.-M. O’Reilly, “Ast-based deep learning for detecting malicious powershell,” in Proc. 25th ACM SIGSAC Conf. Comput. Commun. Secur. (CCS), pp. 2276–2278, ACM, 2018.
J. Song, J. Kim, S. Choi, J. Kim, and I. Kim, “Evaluations of ai-based malicious powershell detection with feature optimizations,” ETRI J., 2021.
D. Hendler, S. Kels, and A. Rubin, “Detecting malicious powershell commands using deep neural networks,” in Proc. 13th Asia Conf. Comput. Commun. Secur. (AsiaCCS), pp. 187–197, ACM, 2018.
D. Hendler, S. Kels, and A. Rubin, “Amsi-based detection of malicious powershell code using contextual embeddings,” in Proc. 15th Asia Conf. Comput. Commun. Secur. (AsiaCCS), pp. 679–693, ACM, 2020.
X. Zhang, J. Zhao, and Y. LeCun, “Character-level convolutional networks for text classification,” in Proc. Adv. Neural Inf. Process. Syst. (NIPS), vol. 28, pp. 649–657, Curran Associates, Inc., 2015.
Y. Fang, X. Zhou, and C. Huang, “Effective method for detecting malicious powershell scripts based on hybrid features,” Neurocomputing, vol. 448, pp. 30–39, 2021.
M. Mimura and Y. Tajiri, “Static detection of malicious powershell based on word embeddings,” Internet Things, vol. 15, 2021. Art. no. 100404.
S. Wu and U. Manber, “Fast text searching: allowing errors,” Commun. ACM, vol. 35, no. 10, pp. 83–91, 1992.
Q. Le and T. Mikolov, “Distributed representations of sentences and documents,” in Proc. 31st Int. Conf. Mach. Learn. (ICML), vol. 32, pp. 1188–1196, JMLR.org, 2014.
T. Ongun, J. W. Stokes, J. B. Or, K. Tian, F. Tajaddodianfar, J. Neil, C. Seifert, A. Oprea, and J. C. Platt, “Living-off-the-land command detection using active learning,” in Proc. 24th Int. Symp. Res. Attacks, Intrusions Defenses (RAID), pp. 442–455, ACM, 2021.
S. Choi, “Malicious powershell detection using graph convolution network,” Appl. Sci., vol. 11, no. 14, 2021. Art. no. 6429.
C. Liu, B. Xia, M. Yu, and Y. Liu, “Psdem: A feasible de-obfuscation method for malicious powershell detection,” in Proc. 23rd IEEE Symp. Comput. Commun. (ISCC), pp. 825–831, IEEE, 2018.
Z. Li, Q. A. Chen, C. Xiong, Y. Chen, T. Zhu, and H. Yang, “Effective and light-weight deobfuscation and semantic-aware attack detection for powershell scripts,” in Proc. 26th ACM SIGSAC Conf. Comput. Commun. Secur. (CCS), pp. 1831–1847, ACM, 2019.
M. Shashanka, M.-Y. Shen, and J. Wang, “User and entity behavior analytics for enterprise security,” in Proc. 4th IEEE Int. Conf. Big Data (BigData), pp. 1867– 1874, IEEE, 2016.
G. E. Hinton and R. R. Salakhutdinov, “Reducing the dimensionality of data with neural networks,” science, vol. 313, no. 5786, pp. 504–507, 2006.
B. Binde, R. McRee, and T. J. O’Connor, “Assessing outbound traffic to uncover advanced persistent threat,” SANS Institute. Whitepaper, vol. 16, 2011.
X. Wang, K. Zheng, X. Niu, B. Wu, and C. Wu, “Detection of command and control in advanced persistent threat based on independent access,” in Proc. 2016 IEEE Int. Conf. Commun. (ICC), pp. 1–6, IEEE, 2016.
A. Ramachandran and N. Feamster, “Understanding the network-level behavior of spammers,” in Proc. 2006 Conf. Appl. Technol. Architectures Protocols Comput. Commun., pp. 291–302, 2006.
M. Kührer, C. Rossow, and T. Holz, “Paint it black: Evaluating the effectiveness of malware blacklists,” in Proc. Int. Workshop Recent Advances Intrusion Detection (RAID), pp. 1–21, Springer, 2014.
R. Perdisci, I. Corona, and G. Giacinto, “Early detection of malicious flux networks via large-scale passive dns traffic analysis,” IEEE Trans. Dependable Secur. Comput., vol. 9, no. 5, pp. 714–726, 2012.
S. M. Pontiroli and F. R. Martinez, “The tao of .net and powershell malware analysis,” in Proc. Virus Bull. Conf., pp. 1–26, 2015.
A. G. Kakisim, M. Nar, and I. Sogukpinar, “Metamorphic malware identification using engine-specific patterns based on co-opcode graphs,” Comput. Standards Interfaces, vol. 71, 2020. Art. no. 103443.
I. You and K. Yim, “Malware obfuscation techniques: A brief survey,” in Proc. 5th Int. Conf. Broadband, Wireless Comput., Commun. Appl. (BWCCA), pp. 297–300, 2010.
M. Madou, B. Anckaert, P. Moseley, S. Debray, B. De Sutter, and K. De Bosschere, “Software protection through dynamic code mutation,” in Proc. 7th Int. Work. Inf. Secur. Appl. (WISA), pp. 194–206, Springer, 2006.
F. Pedregosa, G.Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M.Blondel, P. Prettenhofer, R. Weiss, V. Dubourg, et al., “Scikit-learn: Machine learning in python,” J. Mach. Learn. Res., vol. 12, pp. 2825–2830, 2011.
H. Peng, L. Mou, G. Li, Y. Liu, L. Zhang, and Z. Jin, “Building program vector representations for deep learning,” in Proc. 8th Int. Conf. Knowl. Sci., Eng. Manage. (KSEM), vol. 9403, pp. 547–553, Springer, 2015.
L. Mou, G. Li, L. Zhang, T. Wang, and Z. Jin, “Convolutional neural networks over tree structures for programming language processing,” in Proc. 13th AAAI Conf. Artif. Intell., pp. 1287–1293, AAAI, 2016.
D. Rattan, R. Bhatia, and M. Singh, “Software clone detection: A systematic review,” Inf. Softw. Technol., vol. 55, no. 7, pp. 1165–1199, 2013.
S. Ducasse, M. Rieger, and S. Demeyer, “A language independent approach for detecting duplicated code,” in Proc. 15th Int. Conf. Softw. Maintenance (ICSM)., pp. 109–118, IEEE, 1999.
T. Kamiya, S. Kusumoto, and K. Inoue, “Ccfinder: A multilinguistic token-based code clone detection system for large scale source code,” IEEE Trans. Softw. Eng., vol. 28, no. 7, pp. 654–670, 2002.
I. D. Baxter, A. Yahin, L. Moura, M. Sant’Anna, and L.Bier, “Clone detection using abstract syntax trees,” in Proc. 14th Int. Conf. Softw. Maintenance (ICSM), pp. 368–377, IEEE, 1998.
J. Krinke, “Identifying similar code with program dependence graphs,” in Proc. 8th Work. Conf. Reverse Eng. (WCRE), pp. 301–309, IEEE, 2001.
J. Mayrand, C. Leblanc, and E. Merlo, “Experiment on the automatic detection of function clones in a software system using metrics.,” in Proc. 12th Int. Conf. Softw. Maintenance (ICSM), vol. 96, pp. 244–253, IEEE, 1996.
F. Deissenboeck, B. Hummel, E. Jürgens, B. Schätz, S. Wagner, J.-F. Girard, and S. Teuchert, “Clone detection in automotive model-based development,” in Proc. 30th Int. Conf. Softw. Eng., pp. 603–612, IEEE, 2008.
R. Koschke, R. Falke, and P. Frenzel, “Clone detection using abstract syntax suffix trees,” in Proc. 13th Work. Conf. Reverse Eng. (WCRE), pp. 253–262, IEEE, 2006.
L. Bergroth, H. Hakonen, and T. Raita, “A survey of longest common subsequence algorithms,” in Proc. 7th Int. Symp. String Process. Inf. Retrieval (SPIRE), pp. 39– 48, IEEE, 2000.
L. Yujian and L. Bo, “A normalized levenshtein distance metric,” IEEE Trans. Pattern Anal. Mach. Intell., vol. 29, no. 6, pp. 1091–1095, 2007.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊