Skip to content

BSI-Bund/ML-SAST

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
evaluation
evaluation
 
 
example
example
 
 
frontend
frontend
 
 
miniupnp_example
miniupnp_example
 
 
mlsast
mlsast
 
 
models
models
 
 
neo4j-procedure-src
neo4j-procedure-src
 
 
.gitignore
.gitignore
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
.pylintrc
.pylintrc
 
 
Developer-Documentation.md
Developer-Documentation.md
 
 
Installation.md
Installation.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Usage.md
Usage.md
 
 
architecture.png
architecture.png
 
 
requirements.txt
requirements.txt
 
 
setup.py
setup.py
 
 

Repository files navigation

ML-SAST-Prototyp

The ML-SAST-Prototyp is a tool to detect software vulnerabilities. It uses a clustering algorithm to differentiate benign from vulnerable source code. Contrary to other machine-learning tools it does not work on the raw source code to find vulnerabilities but rather on the control-flow graph. The tool contains a novel toolchain to generate the control-flow graph from the source code. This graph is transformed into a machine-learning compatible format and compared against vulnerable source code extracted from the Juliet Test Suite for C and C++.

Structure

The ML-SAST-Prototyp consists of several components: the actual tool "mlsast", bening and vulnerable paths from the Juliet Test Suite for C and C++ "models", an oracle test "evaluation", an example to try out the prototype "example" and a frontend to display detected vulnerabilites "frontend".

License

The ML-SAST-Prototyp is licensed under the GNU GENERAL PUBLIC LICENSE 3. For more information on the license, see the included license text itself or visit GNU GENERAL PUBLIC LICENSE.

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages