New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create tests to evaluate the number of false positives and false negatives #222

Merged

christophetd merged 11 commits into main from rma/test_false_positives

May 9, 2023

Contributor

romain-dd commented Apr 14, 2023 •

edited

Loading

What is done in this PR:

Download ~500 legit pypi packages
Download ~1000 malicious packages
Add folder scanning capability to guarddog to analyze packages
Dockerfile to test malicious packages
Clean up json result to avoid empty category like "result": {"npm-install-script": {}, "steganography": {}}. So we''ll only get the categories if something malicious/suspicious has been found, if nothing found, we'll get "result": {}

Test round 1:

In a container, I tested with 100 legit packages, it took ~5min (which is too slow), and found 12 false positives
On my local machine, same result except it took 1min 30s.

Test round 2:

Test ~500 legit pypi packages, I got the result after 8 min and found 46 false positives (I didn't analyze them), so this give us a ratio of ~9% of false positives

romain-dd force-pushed the rma/test_false_positives branch 3 times, most recently from ebfcb02 to 4deb421 Compare

April 17, 2023 07:36

romain-dd force-pushed the rma/test_false_positives branch from d5bb91b to cc7047a Compare

April 28, 2023 11:22

romain-dd marked this pull request as ready for review

April 28, 2023 11:31

romain-dd force-pushed the rma/test_false_positives branch 2 times, most recently from 0f4758c to cf2bd19 Compare

April 28, 2023 12:03

christophetd reviewed

View reviewed changes

guarddog/cli.py Show resolved Hide resolved

christophetd reviewed

View reviewed changes

guarddog/cli.py Show resolved Hide resolved

christophetd reviewed

View reviewed changes

guarddog/cli.py Show resolved Hide resolved

christophetd reviewed

View reviewed changes

guarddog/cli.py Show resolved Hide resolved

christophetd reviewed

View reviewed changes

tests/samples/Dockerfile Show resolved Hide resolved

christophetd reviewed

View reviewed changes

tests/samples/Dockerfile Show resolved Hide resolved

christophetd reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

christophetd reviewed

View reviewed changes

README.md Outdated Show resolved Hide resolved

romain-dd added 8 commits

May 5, 2023 13:00


          Download top legit pypi and malicious pypi packages

fd1fe23


          Add scanning folder capability to guarddog

f9e9e65


          Fix lint + fix downloaded legit packages

b813837


          Improve both bash files


          Add Dockerfile to test legit and malicious packages to avoid triggeri…

4f128f3

…ng AV


          Rename folder

56b8481


          Add bash script to run test locally + rename the old file

f26aa32


          Add details in the README + add comments in the code + a few adjustment

28013b4

romain-dd force-pushed the rma/test_false_positives branch from 82e50a7 to 28013b4 Compare

May 5, 2023 11:01


          Fix lint

ea46a68

christophetd reviewed

View reviewed changes

tests/samples/download_malicious_pypi_package.sh Outdated Show resolved Hide resolved


          Remove new formatting to match the previous one + install guarddog fr…

0dda770

…om github branch

romain-dd force-pushed the rma/test_false_positives branch from 7d668bf to 0dda770 Compare

May 9, 2023 10:28


          Fix typo + add details in the readme

aaa060f

christophetd approved these changes

View reviewed changes

christophetd merged commit 8814db5 into main

christophetd deleted the rma/test_false_positives branch

May 9, 2023 13:11

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet