Poirot: Deep Learning for API Misuse Detection

Authors

Yi Li, New Jersey Institute of Technology
Tien N. Nguyen, The University of Texas at Dallas
Shaohua Wang, Central University of Finance and Economics
Aashish Yadavally, The University of Texas at Dallas

Document Type

Conference Proceeding

Publication Date

4-14-2024

Abstract

API misuses refer to incorrect usages that violate the usage constraints of API elements, potentially leading to issues such as runtime errors, exceptions, program crashes, and security vulnerabilities. Existing mining-based approaches for API misuse detection face challenges in accuracy, particularly in distinguishing infrequent from invalid usage. This limitation stems from the necessity to set predefined thresholds for frequent API usage patterns, resulting in potential misclassification of alternative usages. This paper introduces Poirot, a learning-based approach that mitigates the need for predefined thresholds. Leveraging Labeled, Graph-based Convolutional Networks, Poirot learns embeddings for API usages, capturing key features and enhancing API misuse detection. Preliminary evaluation on an API misuse benchmark demonstrates that Poirot achieves a relative improvement of 1.37-10.36X in F-score compared to state-of-the-art API misuse detection techniques.

Identifier

85194876048 (Scopus)

ISBN

[9798400705021]

Publication Title

Proceedings - International Conference on Software Engineering

External Full Text Location

https://doi.org/10.1145/3639478.3643080

ISSN

02705257

First Page

302

Last Page

303

Grant

CNS-2120386

Fund Ref

National Science Foundation

Recommended Citation

Li, Yi; Nguyen, Tien N.; Wang, Shaohua; and Yadavally, Aashish, "Poirot: Deep Learning for API Misuse Detection" (2024). Faculty Publications. 501.
https://digitalcommons.njit.edu/fac_pubs/501