🔐 CISPA – Helmholtz Center for Information Security | TEMPLATES | people.cispa.io | Data-Privacy-Policy | Impressum 🔐

  1. 28 Jun, 2017 3 commits
  2. 27 Jun, 2017 1 commit
  3. 26 Jun, 2017 1 commit
  4. 21 Jun, 2017 2 commits
  5. 20 Jun, 2017 2 commits
    • derr's avatar
      update README · 1379b55d
      derr authored
    • derr's avatar
      - added new mode of operation (lib-api-analysis) to CLI. This allows to · 651b2eff
      derr authored
        check whether and how the set of public library APIs change between
      - Added a convenience CLI option (-v) to create trace profiles
        (including any method signatures, but restricted to public methods).
        These trace profiles are required for the new lib-api-analysis
      - some cleanup and documentation
  6. 06 Jun, 2017 1 commit
  7. 07 Apr, 2017 1 commit
  8. 22 Mar, 2017 3 commits
    • derr's avatar
      Merge branch 'master' into sql · 336dd163
      derr authored
    • derr's avatar
      improves library identification reporting (always shows · 50332ea9
      derr authored
      the library root package)
    • derr's avatar
      [WALA] fixed undesired behavior during CHA generation. If superclasses · 9a276ee5
      derr authored
      can not be resolved (e.g. android.support.v4.app.Fragment), the child classes
      were not added to the class hierarchy. While this is okay for normal
      analysis since these classes are dead code, this is problematic for LibScout that
      fingerprints the exact package/class structure of a library and
      therefore needs to be aware of all classes independent of their usage.
      As workaround, unresolvable superclasses are changed to java.lang.Object
      such that they can be added to the hierarchy. For the analysis this does
      not have any side-effects.
      [Lib-Merging] Formerly, there have been two distinct custom WALA libraries
      (wala-dalvik.jar and joana.api.jar). These have been merged into a
      single library. In this process, code filtering is applied to remove
      unused code. Before this was done by the build.xml. This pre-filtering
      reduces the library size from about 16MB to about 5MB.
  9. 21 Mar, 2017 1 commit
    • derr's avatar
      code rework for LibApiAnalysis and LibUpdatability · 94ade9b8
      derr authored
      - semver parsing is now used throughout the entire code (also for
        profile sorting)
      - LibApiRobustnessStats are now per library instead of per lib version
        this reduces the memory footprint and simplifies some analyses
      - general code rework/restructuring to improve
  10. 15 Mar, 2017 1 commit
    • derr's avatar
      [added] LibCodeUsage analysis. A new CLI switch "-u" enables a library · aaeeb5d1
      derr authored
      code analysis, i.e. for each detected library, it is subsequently
      checked which code of the library is used in terms of public API calls.
      To this end, any code outside the library is scanned for call
      [added] LibraryApiRobustness analysis. For each distinct <lib,version>
      pair, the set of public API is checked for robustness in successor
      version, i.e. for each public API the highest version is determined
      in which this API is existing.
      [added] Library updatability analysis. Combining the results of the
      two analyses (code usage + API robustness), this analysis determines
      the highest version to which a detected library (version) could be
      updated by simply replacing the library code (i.e. no code changes).
      [added] java-semver library to parse library versions according to
      semantic versioning. This allows us to reliably sort libraries by
      version strings instead of relying on the optional (and sometimes
      unreliable) library release dates.
  11. 10 Mar, 2017 2 commits
  12. 09 Mar, 2017 1 commit
  13. 08 Mar, 2017 7 commits
  14. 28 Feb, 2017 1 commit
  15. 24 Feb, 2017 1 commit
  16. 24 Nov, 2016 1 commit
  17. 23 Nov, 2016 1 commit
  18. 21 Nov, 2016 2 commits
    • derr's avatar
      README tool usage fixes · 1e2164aa
      derr authored
    • derr's avatar
      reworked CLI parser · d971ebd0
      derr authored
      - arguments are now parsed explicitly for passed mode of operation
      - added some convenience (complete log disabling, stat dir
      - improved usage helper message
      - apps with existing stat files are automatically skipped during
  19. 17 Nov, 2016 3 commits