A graphical security analysis tool for IoT networks
Archive Notice - After the completion of my research degree the repository has been archived.
ASTo has made a significant impact to my research. I want to express my gratitude to everyone that helped make it better.
However, this is not the end. Active development with continue on CyberLens's repository. Please report issues and feature requests there.
ASTo is security analysis tool for IoT networks. It is developed to support the Apparatus security framework. ASTo is based on electron and cytoscape.js. The icons are provided by Google's Material Design.
The application is in alpha stage. The focus now is to improve the core functionality of the application along with the introduction of additional features, to reach beta stage.
ASTo has a command line console available on the bottom right corner of the app. You gain focus on the console by pressing the keybinding
cmd + lfor macOs and
ctrl + lfor Windows/Linux. If you type
help, it will display a list of console options.
The console can be used to search for specific objects in the graph or perform operations. Raw text is used as search input. For example, if you type
device, ASTo will highlight all the nodes in the graph that have the word
deviceas an attribute.
All console commands must be preceded with a
:. For example, typing
:insightswill perform the security insights functions. On the other hand, typing
:) will perform a search operation on the graph elements with the keyword
# Clone this repository git clone https://github.com/Or3stis/apparatus.git # Navigate into the repository cd apparatus # Install dependencies npm install
Different mode operations of the app.
# To run the app in the default mode npm start # To run the app in developer mode npm run dev # To build the app into binary npm run dist
Because the app is still in prototype stage, it is best to keep up to date with the most recent commits. To do so, before starting the app, type:
# inside the apparatus directory
update to the latest
Once the app starts, the first window (home screen) will ask you to choose which modeling phase would you like to use. After you select a phase, you will be presented with three choices. The first is to create a new graph. The second choice is to load an existing graph. The third option is the debug app, which loads a default graph used for debugging purposes.
You will find some example graphs in the
- Note in performance. If you render a graph with more than a thousand nodes, depending on your hardware, you might detect some performance issues. The reason is that the default label rendering of nodes and edges in ASTo is quite expensive. Rendering label on nodes and edges along with directional arrows is CPU expensive. To improve performance, you can hide the labels and the directional arrows by pressing the
You can find more information about Cytoscape's performance optimizations in this link.
The Software does not collect personal information of any kind.
The only network operation the application performs is when the vulnerability identification process is used. The vulnerability identification makes a network request to 'https://cve.circl.lu/api/search/' (can be changed in the settings), which maintains its own analytics.
If you want to contribute to the project, that's great 😃. Check the contributing guide. The application is being developed on macOs. That means that new commits might introduce breaking changes in other platforms. Especially commits that involve access to the file system. If something is not working, don't hesitate to create an issue.
If you want to find out how the app works check the wiki.
You can check the project's planned features in the roadmap.