2.8 KiB
DASCA
Installation
Prerequisites
- Java 8 (Java 9 or later is currently not supported)
- Android SDK (to obtain dx.jar)
- Eclipse Oxygen, including
- The Plug-in Development Environment (PDE)
- JavaScript Development Tools (JSDT)
- Gradle Integration (Buildship)
- Scala IDE and Scalatest Runner (the latter is optional)
- CVC3 including the Java bindings for CVC3
Checkout
The repository can be cloned as usual:
git clone https://git.logicalhacking.com/DASCA/DASCA.git
Note, if you authorized to access the confidential test cases of DASCA, you can obtain them by executing
git submodule update --init --recursive
WALA configuration
DASCA (and the underlying WALA setup) is tested with Java version 8. If DASCA is installed using Java 8, there should be no need for updating the WALA configuration.
If you experience problems or want to optimize the performance (e.g.,
by analyzing the programs based on a different Java version), you
might need to configure the location of the Java JDK. The JDK used
as part of the static analysis is configured in the wala.properties
file, e.g.
cd DASCA/
echo "java_runtime_dir = <PATH-TO-JDK>" >> externals/WALA/com.ibm.wala.core/dat/wala.properties
Don't forget to adjust the path to the Java JDK accordingly, i.e.,
the <PATH-TO-JDK>
should point to the directory containing the file
rt.lib
.
How to Compile
First check that the variable JAVA_HOME
is configured correctly, to ensure
that Java 8 is used, e.g.:
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
export PATH=$JAVA_HOME/bin:$PATH
The project can be compiled using gradle
./gradlew clean assemble test
Import into Eclipse
All projects can be imported into a (fresh) Eclipse workspace
using File -> Import -> Gradle -> Existing Maven Projects
:
- Select the DASCA folder as source for the import
- Import all offered projects
Team
Main contact: Achim D. Brucker
Contributors
- Thomas Deuster
- Michael Herzberg
- Tim Herres
License
This project is licensed under the Eclipse Public License 1.0.
Publications
- Achim D. Brucker and Michael Herzberg. On the Static Analysis of Hybrid Mobile Apps: A Report on the State of Apache Cordova Nation. In International Symposium on Engineering Secure Software and Systems (ESSoS). Lecture Notes in Computer Science (9639), pages 72-88, Springer-Verlag, 2016. https://www.brucker.ch/bibliography/abstract/brucker.ea-cordova-security-2016 doi: 10.1007/978-3-319-30806-7_5