SWAN Weakness Detector

SWAN is a machine-learning approach for detection of methods of interest for security in Java libraries.

Лицензия	Лицензия BSD 3-Clause License
Группа	Группа de.upb.cs.swt
Идентификатор	Идентификатор swan_core
Последняя версия	Последняя версия 1.3.0
Дата	Дата 18 сент. 2019 г.
Тип	Тип jar
Описание	Описание SWAN Weakness Detector SWAN is a machine-learning approach for detection of methods of interest for security in Java libraries.
Ссылка на сайт	Ссылка на сайт https://github.com/secure-software-engineering/swan
Система контроля версий	Система контроля версий https://github.com/secure-software-engineering/swan

Скачать swan_core

Имя Файла	Размер
swan_core-1.3.0.pom
swan_core-1.3.0.jar	45 MB
swan_core-1.3.0-sources.jar	45 MB
swan_core-1.3.0-javadoc.jar	340 KB
swan_core-1.3.0-jar-with-dependencies.jar	65 MB
Обзор

Как подключить последнюю версию

Apache Maven

<!-- https://jarcasting.com/artifacts/de.upb.cs.swt/swan_core/ -->
<dependency>
    <groupId>de.upb.cs.swt</groupId>
    <artifactId>swan_core</artifactId>
    <version>1.3.0</version>
</dependency>

Gradle Groovy

// https://jarcasting.com/artifacts/de.upb.cs.swt/swan_core/
implementation 'de.upb.cs.swt:swan_core:1.3.0'

Gradle Kotlin

// https://jarcasting.com/artifacts/de.upb.cs.swt/swan_core/
implementation ("de.upb.cs.swt:swan_core:1.3.0")

Apache Buildr

'de.upb.cs.swt:swan_core:jar:1.3.0'

Apache Ivy

<dependency org="de.upb.cs.swt" name="swan_core" rev="1.3.0">
  <artifact name="swan_core" type="jar" />
</dependency>

Groovy Grape

@Grapes(
@Grab(group='de.upb.cs.swt', module='swan_core', version='1.3.0')
)

Scala SBT

libraryDependencies += "de.upb.cs.swt" % "swan_core" % "1.3.0"

Leiningen

[de.upb.cs.swt/swan_core "1.3.0"]

Зависимости

compile (3)

Идентификатор библиотеки	Тип	Версия
ca.mcgill.sable : soot	jar	3.2.0
nz.ac.waikato.cms.weka : weka-stable	jar	3.6.9
com.googlecode.json-simple : json-simple	jar	1.1.1

Модули Проекта

Данный проект не имеет модулей.

swan

Security methods for WeAkNess detection

Description:

SWAN is a machine-learning approach for detection of methods of interest for security in Java libraries. SWAN should be used in combination with other static analyses tools. It helps the users to create a set of relevant methods required as an input for static analyses, e.g. taint- and type-state analysis. SWAN detects four types of methods: source, sink, sanitizer, and authentication method. The found methods are further cathegorized according to relevant vulnerabilities (Common Weakness Enummeration - CWE). Curretntly SWAN supports the following CWEs: CWE78, CWE79, CWE89, CWE306, CWE601, CWE862, and CWE863.

SWAN_Assist provides a GUI support for SWAN. The user is able to interact with the learning process by giving feedback on the methods of interest. The tool helps users that write static analyses to create list of SWAN for their specific Java libraries. Moreover, users can manually inspect the proper usage of the methods detected by SWAN.

Contributors:

Goran Piskachev (goran.piskachev@iem.fraunhofer.de)
Lisa Nguyen (lisa.nguyen@uni-paderborn.de)
Oshando Johnson (oshando@iem.fraunhofer.de)
Eric Bodden (eric.bodden@uni-paderborn.de)

Contact:

Goran Piskachev (Fraunhofer IEM, Zukunftsmeile 1, 33102 Paderborn)

Secure Software Engineering Group at Paderborn University and Fraunhofer IEM

Версии библиотеки

Версия
1.3.0 18 сент. 2019 г.
1.2.1 1 авг. 2019 г.
1.2.0 7 июн. 2019 г.
1.1.0 4 июн. 2019 г.
1.0.0 3 июн. 2019 г.

SWAN Weakness Detector

Лицензия

Группа

Идентификатор

Последняя версия

Дата

Тип

Описание

Ссылка на сайт

Система контроля версий