Skip to content

Commit c8ae88b

Browse files
DanielLin1986DanielLin1986
committed
Finished readme file.
1 parent 9d85734 commit c8ae88b

File tree

2 files changed

+12
-6
lines changed

2 files changed

+12
-6
lines changed

Data/CodeMetrics.xlsx

45.1 KB
Binary file not shown.

README.md

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ The page contains the code and data used in the paper [Vulnerability Discovery w
99
* [Tensorflow](https://www.tensorflow.org/)
1010
* [Keras](https://github.com/fchollet/keras/tree/master/keras)
1111
* Python >= 2.7
12+
* [CodeSensor](https://github.com/fabsx00/codesensor)
1213

1314
The dependencies can be installed using [Anaconda](https://www.anaconda.com/download/). For example:
1415

@@ -18,12 +19,17 @@ $ bash Anaconda3-5.0.1-Linux-x86_64.sh
1819

1920
### Instructions:
2021

21-
*
22+
The Vulnerabilities_info.xlsx file contains information of the collected function-level vulnerabilities. These vulnerabilities are from 3 open source projects: [FFmpeg](https://github.com/FFmpeg/FFmpeg), [LibTIFF](https://github.com/vadz/libtiff) and [LibPNG](https://github.com/glennrp/libpng). And vulnerability information was collected from [National Vulnerability Database(NVD)](https://nvd.nist.gov/) until the mid of July 2017.
2223

24+
The "Data" folder contains the source code of vulnerable functions within the Zip file of the 3 projects. After unzipping the files, one will find that the source code of each function was named with its CVE ID.
2325

24-
### Stuff used to make this:
26+
The "Code" folder contains the Python code sample for invoking the CodeSensor to parse functions to ASTs (for detail information and usage of CodeSensor, please visiter the author's blog: http://codeexploration.blogspot.com.au/) It also contains the Python code sample for implementing LSTM based on Keras with Tensorflow backend.
27+
28+
We used [Understand](https://scitools.com/) which is a commercial code enhancement tool for extracting function-level code metrics. In CodeMetrics.xlsx file, we include 23 code metrics extracted from the vulnerable functions of 3 projects.
29+
30+
### Contact:
31+
32+
You are welcomed to improve our code as well as our method. Please cite our paper if you use the code/data in your work. For acquiring more data or enquiries, please contact: junzhang@swin.edu.au.
33+
34+
Thanks and enjoy coding!
2535

26-
* [markdown-it](https://github.com/markdown-it/markdown-it) for Markdown parsing
27-
* [CodeMirror](http://codemirror.net/) for the awesome syntax-highlighted editor
28-
* [highlight.js](http://softwaremaniacs.org/soft/highlight/en/) for syntax highlighting in output code blocks
29-
* [js-deflate](https://github.com/dankogai/js-deflate) for gzipping of data to make it fit in URLs

0 commit comments

Comments
 (0)