DASCA/README.md

# DASCA

## Installation

### Prerequisites

* Java 8 (Java 9 or later is currently *not* supported)
* Android SDK (to obtain dx.jar)
* Eclipse Oxygen, including
  * The Plug-in Development Environment (PDE)
  * JavaScript Development Tools (JSDT)
  * [Scala IDE and Scalatest Runner (the latter is optional)](http://download.scala-ide.org/sdk/lithium/e44/scala211/stable/site)
  * ["Maven for Scala" - Maven Integration for Eclipse](http://alchim31.free.fr/m2e-scala/update-site)
  * m2e - Maven Integration for Eclipse
* [CVC3](http://cs.nyu.edu/acsys/cvc3/) including the Java bindings for CVC3
* [apktool](https://ibotpeaches.github.io/Apktool/)


### Checkout

The repository can be cloned as usual:

```
git clone https://git.logicalhacking.com/DASCA/DASCA.git
```

### Resolving external dependencies

* Ensure that the environment variable `ANDROID_HOME` is set correctly and that
  the Android SDK has API 19 installed, i.e.,
  `${ANDROID_HOME}/platforms/android-19/android.jar` should be a valid path.
* Install ``apktool_2.3.0.jar`` into your local maven repository:

```
cd $(mktemp -d)
wget https://bitbucket.org/iBotPeaches/apktool/downloads/apktool_2.3.0.jar
mvn install:install-file -Dfile=apktool_2.3.0.jar -DgroupId=apktool -DartifactId=apktool -Dpackaging=jar -Dversion=2.3.0
```

### WALA configuration

DASCA (and the underlying WALA setup) is tested with Java version 8.
If DASCA is installed using Java 8, there should be no need for updating 
the WALA configuration. 

If you experience problems or want to optimize the performance (e.g., 
by analyzing the programs based on a different Java version), you 
might need to configure the location of the Java JDK. The JDK used
as part of the static analysis is configured in the `wala.properties` 
file, e.g.
```
cd DASCA/
echo "java_runtime_dir = <PATH-TO-JDK>" >> externals/WALA/com.ibm.wala.core/dat/wala.properties
```
Don't forget to adjust the path to the Java JDK accordingly, i.e.,
the `<PATH-TO-JDK>` should point to the directory containing the file
`rt.lib`.

### How to Compile

First check that the variable `JAVA_HOME` is configured correctly, e.g.:
```
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
```

Second, resolve the dependencies using maven:
```
cd src/com.logicalhacking.dasca.parent/
mvn -P wala clean verify -DskipTests=true 
```

After this, all projects can be imported into a fresh Eclipse
workspace using `File -> Import -> Maven -> Existing Maven Projects`:
 1. Select the DASCA `src` folder as source for the import
 2. Import all offered projects (WALA and DASCA)

While some WALA projects may contain compilation errors, all DASCA 
projects (i.e., `com.logicalhacking.dasca.*`) should compile without errors.

## Team 

Main contact: [Achim D. Brucker](http://www.brucker.ch/)

### Contributors

* Thomas Deuster
* [Michael Herzberg](http://www.dcs.shef.ac.uk/cgi-bin/makeperson?M.Herzberg)
* Tim Herres

## License

This project is licensed under the Eclipse Public License 1.0. 

## Publications

* Achim D. Brucker and Michael Herzberg. [On the Static Analysis of
  Hybrid Mobile Apps: A Report on the State of Apache Cordova
  Nation.](https://www.brucker.ch/bibliography/download/2016/brucker.ea-cordova-security-2016.pdf)
  In International Symposium on Engineering Secure Software
  and Systems (ESSoS). Lecture Notes in Computer Science (9639), pages
  72-88, Springer-Verlag, 2016.
  https://www.brucker.ch/bibliography/abstract/brucker.ea-cordova-security-2016
  doi: [10.1007/978-3-319-30806-7_5](http://dx.doi.org/10.1007/978-3-319-30806-7_5)
Initial commit 2015-05-29 09:21:26 +00:00			`# DASCA`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Initial commit. 2015-06-15 07:22:50 +00:00			`## Installation`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Initial commit. 2015-06-15 07:22:50 +00:00			`### Prerequisites`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
State explicitly that only Java 8 is supported. 2018-04-05 08:13:02 +00:00			`* Java 8 (Java 9 or later is currently not supported)`
Fixed typo. 2015-10-29 12:48:37 +00:00			`* Android SDK (to obtain dx.jar)`
Updated dependencies (recommended eclipse version, etc.). 2017-09-11 13:37:30 +00:00			`* Eclipse Oxygen, including`
Documented PDE and JSDT requirements. 2018-05-05 05:58:47 +00:00			`* The Plug-in Development Environment (PDE)`
			`* JavaScript Development Tools (JSDT)`
Updated dependencies (recommended eclipse version, etc.). 2017-09-11 13:37:30 +00:00			`* [Scala IDE and Scalatest Runner (the latter is optional)](http://download.scala-ide.org/sdk/lithium/e44/scala211/stable/site)`
Added URLs for dependencies. 2016-09-21 21:37:03 +00:00			`* ["Maven for Scala" - Maven Integration for Eclipse](http://alchim31.free.fr/m2e-scala/update-site)`
Removed outdated M2E site URL (M2E is now part of the Oxygen repository). 2018-04-05 08:29:36 +00:00			`* m2e - Maven Integration for Eclipse`
Added URLs for dependencies. 2016-09-21 21:37:03 +00:00			`* [CVC3](http://cs.nyu.edu/acsys/cvc3/) including the Java bindings for CVC3`
			`* [apktool](https://ibotpeaches.github.io/Apktool/)`
Updated readme to reflect switch to new 'import as Maven project' setup. 2015-10-15 08:34:37 +00:00
Initial commit. 2015-06-15 07:22:50 +00:00
			`### Checkout`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
			`The repository can be cloned as usual:`

Added instructions/example for recursive cloning. 2015-06-27 18:27:39 +00:00			```
Updated cloning instructions. 2018-10-26 22:01:13 +00:00			`git clone https://git.logicalhacking.com/DASCA/DASCA.git`
Added instructions/example for recursive cloning. 2015-06-27 18:27:39 +00:00			```
Updated readme to reflect switch to new 'import as Maven project' setup. 2015-10-15 08:34:37 +00:00
			`### Resolving external dependencies`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Added URLs for dependencies. 2016-09-21 21:37:03 +00:00			* Ensure that the environment variable `ANDROID_HOME` is set correctly and that
Updated readme to reflect switch to new 'import as Maven project' setup. 2015-10-15 08:34:37 +00:00			`the Android SDK has API 19 installed, i.e.,`
Added URLs for dependencies. 2016-09-21 21:37:03 +00:00			`${ANDROID_HOME}/platforms/android-19/android.jar` should be a valid path.
Updated version of apktool (now 2.3.0). 2017-11-01 23:28:20 +00:00			* Install ``apktool_2.3.0.jar`` into your local maven repository:
Fixed README. 2016-09-11 11:59:21 +00:00
Initial commit. 2015-06-15 07:22:50 +00:00			```
Fixed README. 2016-09-11 09:20:44 +00:00			`cd $(mktemp -d)`
Updated version of apktool (now 2.3.0). 2017-11-01 23:28:20 +00:00			`wget https://bitbucket.org/iBotPeaches/apktool/downloads/apktool_2.3.0.jar`
			`mvn install:install-file -Dfile=apktool_2.3.0.jar -DgroupId=apktool -DartifactId=apktool -Dpackaging=jar -Dversion=2.3.0`
Fixed markup. 2015-10-15 08:57:06 +00:00			```
Initial commit. 2015-06-15 07:22:50 +00:00
Added WALA config and Troubleshooting sections. 2016-09-11 11:51:22 +00:00			`### WALA configuration`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Updated dependencies (recommended eclipse version, etc.). 2017-09-11 13:37:30 +00:00			`DASCA (and the underlying WALA setup) is tested with Java version 8.`
			`If DASCA is installed using Java 8, there should be no need for updating`
			`the WALA configuration.`
Improved section about WALA configuration. 2016-10-09 09:21:57 +00:00
			`If you experience problems or want to optimize the performance (e.g.,`
			`by analyzing the programs based on a different Java version), you`
Updated dependencies (recommended eclipse version, etc.). 2017-09-11 13:37:30 +00:00			`might need to configure the location of the Java JDK. The JDK used`
Improved section about WALA configuration. 2016-10-09 09:21:57 +00:00			as part of the static analysis is configured in the `wala.properties`
			`file, e.g.`
Added WALA config and Troubleshooting sections. 2016-09-11 11:51:22 +00:00			```
			`cd DASCA/`
Removed requirement for JDK 6. DASCA now also works with JDK 8. 2016-09-19 10:13:53 +00:00			`echo "java_runtime_dir = <PATH-TO-JDK>" >> externals/WALA/com.ibm.wala.core/dat/wala.properties`
Added WALA config and Troubleshooting sections. 2016-09-11 11:51:22 +00:00			```
Added URLs for dependencies. 2016-09-21 21:37:03 +00:00			`Don't forget to adjust the path to the Java JDK accordingly, i.e.,`
			the `<PATH-TO-JDK>` should point to the directory containing the file
			`rt.lib`.
Removed requirement for JDK 6. DASCA now also works with JDK 8. 2016-09-19 10:13:53 +00:00
Initial commit. 2015-06-15 07:22:50 +00:00			`### How to Compile`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Documented requirement to configure JAVA_HOME. 2017-10-31 08:15:23 +00:00			First check that the variable `JAVA_HOME` is configured correctly, e.g.:
			```
			`export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64`
			```

			`Second, resolve the dependencies using maven:`
Initial commit. 2015-06-15 07:22:50 +00:00			```
Refactoring: eu.aniketos -> com.logicalhacking. 2017-05-21 14:58:16 +00:00			`cd src/com.logicalhacking.dasca.parent/`
Documented requirement to configure JAVA_HOME. 2017-10-31 08:15:23 +00:00			`mvn -P wala clean verify -DskipTests=true`
Initial commit. 2015-06-15 07:22:50 +00:00			```
Documented requirement to configure JAVA_HOME. 2017-10-31 08:15:23 +00:00
Initial commit. 2015-06-15 07:22:50 +00:00			`After this, all projects can be imported into a fresh Eclipse`
Updated readme to reflect switch to new 'import as Maven project' setup. 2015-10-15 08:34:37 +00:00			workspace using `File -> Import -> Maven -> Existing Maven Projects`:
Fixed markdown. 2016-09-20 07:12:03 +00:00			1. Select the DASCA `src` folder as source for the import
Update README.md 2015-10-15 10:39:15 +00:00			`2. Import all offered projects (WALA and DASCA)`
Improved markdown. 2016-08-08 19:58:06 +00:00
Added link to WALA homepage. 2016-11-03 23:58:40 +00:00			`While some WALA projects may contain compilation errors, all DASCA`
Refactoring: eu.aniketos -> com.logicalhacking. 2017-05-21 14:58:16 +00:00			projects (i.e., `com.logicalhacking.dasca.*`) should compile without errors.
Initial commit. 2015-06-15 07:22:50 +00:00
			`## Team`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Initial commit. 2015-06-15 07:22:50 +00:00			`Main contact: [Achim D. Brucker](http://www.brucker.ch/)`

			`### Contributors`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Initial commit. 2015-06-15 07:22:50 +00:00			`* Thomas Deuster`
Added link to website for Michael Herzberg. 2016-07-30 22:31:42 +00:00			`* [Michael Herzberg](http://www.dcs.shef.ac.uk/cgi-bin/makeperson?M.Herzberg)`
Initial commit. 2015-06-15 07:22:50 +00:00			`* Tim Herres`
Added ESSoS 2016 publication. 2016-07-28 22:51:21 +00:00
Added license information. 2016-11-27 10:40:10 +00:00			`## License`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Added license information. 2016-11-27 10:40:10 +00:00			`This project is licensed under the Eclipse Public License 1.0.`
Added link to website for Michael Herzberg. 2016-07-30 22:31:42 +00:00
Minor layout improvements. 2016-09-14 18:02:44 +00:00			`## Publications`
Updated cloning instructions. 2018-10-26 22:01:13 +00:00
Added ESSoS 2016 publication. 2016-07-28 22:51:21 +00:00			`* Achim D. Brucker and Michael Herzberg. [On the Static Analysis of`
			`Hybrid Mobile Apps: A Report on the State of Apache Cordova`
			`Nation.](https://www.brucker.ch/bibliography/download/2016/brucker.ea-cordova-security-2016.pdf)`
			`In International Symposium on Engineering Secure Software`
			`and Systems (ESSoS). Lecture Notes in Computer Science (9639), pages`
			`72-88, Springer-Verlag, 2016.`
			`https://www.brucker.ch/bibliography/abstract/brucker.ea-cordova-security-2016`
			`doi: [10.1007/978-3-319-30806-7_5](http://dx.doi.org/10.1007/978-3-319-30806-7_5)`