Abstract: The disclosed subject matter provides for code repository intrusion detection. A code developer profile can be generated based on characteristic features present in code composed by the developer. Characteristic features can be related to the coding propensities peculiar to individual developers and, over sufficient numbers of characteristic features, can be considered pseudo-signatures. A target code set is analyzed in view of one or more developer profiles to generate a validation score related to a likelihood of a particular developer composing a portion of the target code set. This can serve to confirm or refute a claim of authorship, or can serve to identify likely author candidates from a set of developers. Where the target code set authorship is determined to be sufficiently suspect, the code set can be subjected to further scrutiny to thwart intrusion into the code repository.

Abstract: The disclosed subject matter provides for code repository intrusion detection. A code developer profile can be generated based on characteristic features present in code composed by the developer. Characteristic features can be related to the coding propensities peculiar to individual developers and, over sufficient numbers of characteristic features, can be considered pseudo-signatures. A target code set is analyzed in view of one or more developer profiles to generate a validation score related to a likelihood of a particular developer composing a portion of the target code set. This can serve to confirm or refute a claim of authorship, or can serve to identify likely author candidates from a set of developers. Where the target code set authorship is determined to be sufficiently suspect, the code set can be subjected to further scrutiny to thwart intrusion into the code repository.

Abstract: The disclosed subject matter provides for software testing using metaphor based language fuzzing. Metaphor based language fuzzing can decompose a code segment into a metaphor representing the code segment. The metaphor can be mutated based on determined logical perturbations to any element of the metaphor. The mutation of the metaphor can act as a surrogate for mutation of the code segment. The mutated metaphor can be analyzed to reveal performance differences in comparison to the code segment. These performance difference can be correlated to mutation of the metaphor such that a corresponding mutation of the code segment can be correlated by extrapolation. Moreover, mutators can be stored and reused on other metaphors. Furthermore, employing a metaphor as a root language surrogate can facilitate generating a reduced number of mutators as compared to directly mutating code segments in a plurality of computer languages.

Abstract: Flow based fault testing is provided. A logical constraint model or a state model (LS model) can be generated based on logic/state characteristics of a system under test (SUT). The LS model can be generated from logical constraint grammar statements. The logical constraint grammar can be parsed as part of a pre-test analysis to seek faults related to the logic or states of the model. The inputs and outputs related to the SUT can be employed to determine faults, including post-test analysis for faults. The disclosed subject matter can capture in an automated or semi-automated manner faults that can be missed in more conventional fuzz testing. Further, flow based fault testing can be employed alone, along with, or in combination with conventional fuzz testing.

Abstract: The disclosed subject matter provides for code repository intrusion detection. A code developer profile can be generated based on characteristic features present in code composed by the developer. Characteristic features can be related to the coding propensities peculiar to individual developers and, over sufficient numbers of characteristic features, can be considered pseudo-signatures. A target code set is analyzed in view of one or more developer profiles to generate a validation score related to a likelihood of a particular developer composing a portion of the target code set. This can serve to confirm or refute a claim of authorship, or can serve to identify likely author candidates from a set of developers. Where the target code set authorship is determined to be sufficiently suspect, the code set can be subjected to further scrutiny to thwart intrusion into the code repository.