Toward Analysis and Bug Finding in Java']JavaScript Web Applications in the Wild

被引:5
|
作者
Ryu, Sukyoung [1 ]
Park, Jihyeok [1 ]
Park, Joonyoung [1 ]
机构
[1] Korea Adv Inst Sci & Technol, Sch Comp, Daejeon, South Korea
来源
IEEE SOFTWARE | 2019年 / 36卷 / 03期
基金
新加坡国家研究基金会;
关键词
STATIC ANALYSIS;
D O I
10.1109/MS.2018.110113408
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
We present our journey to analyze and find bugs in JavaScript web applications in the wild. We describe technical challenges in analyzing them and our solutions to address the challenges via a series of open source analysis frameworks, the scalable analysis framework for ECMAScript (SAFE) family.
引用
收藏
页码:74 / 82
页数:9
相关论文
共 50 条
  • [21] An Architecture for Enforcing Java']JavaScript Randomization in Web2.0 Applications
    Athanasopoulos, Elias
    Krithinakis, Antonis
    Markatos, Evangelos P.
    INFORMATION SECURITY, 2011, 6531 : 203 - 209
  • [22] A comparison of bug finding tools for Java']Java
    Rutar, N
    Almazan, CB
    Foster, JS
    15TH INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING, PROCEEDINGS, 2004, : 245 - 256
  • [23] Java']JavaScript essentials: Creating interactive Web applications - Manger,J
    Gillespie, T
    LIBRARY JOURNAL, 1996, 121 (20) : 138 - 138
  • [24] Java']JavaScript Offloading for Web Applications in Mobile-Cloud Computing
    Yu, Meihua
    Huang, Gang
    Wang, Xudong
    Zhang, Ying
    Chen, Xiangqun
    2015 IEEE THIRD INTERNATIONAL CONFERENCE ON MOBILE SERVICES MS 2015, 2015, : 269 - 276
  • [25] SymJS']JS: Automatic Symbolic Testing of Java']JavaScript Web Applications
    Li, Guodong
    Andreasen, Esben
    Ghosh, Indradeep
    22ND ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING (FSE 2014), 2014, : 449 - 459
  • [26] Eval Is Evil: Analyzing Performance of Web Applications Based on PHP and Java']JavaScript by Static Analysis
    Shah, Nilay
    Gubbala, Praveen
    COMPUTING AND NETWORK SUSTAINABILITY, 2017, 12 : 109 - 117
  • [27] Dynamic web worker pool management for highly parallel java']javascript web applications
    Verdu, Javier
    Jose Costa, Juan
    Pajuelo, Alex
    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2016, 28 (13): : 3525 - 3539
  • [28] Learning How to Listen: Automatically Finding Bug Patterns in Event-Driven Java']JavaScript APIs
    Arteca, Ellen
    Schafer, Max
    Tip, Frank
    IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2023, 49 (01) : 166 - 184
  • [29] Finding Security Vulnerabilities in Java']Java Web Applications with Test Generation and Dynamic Taint Analysis
    Huang, Yu-Yu
    Chen, Kung
    Chiang, Shang-Lung
    PROCEEDINGS OF THE 2011 2ND INTERNATIONAL CONGRESS ON COMPUTER APPLICATIONS AND COMPUTATIONAL SCIENCE, VOL 2, 2012, 145 : 133 - 138
  • [30] Writing Java']JavaScript applications
    Friesenhahn, B
    BYTE, 1998, 23 (02): : 59 - 60
12345