Toward Analysis and Bug Finding in Java']JavaScript Web Applications in the Wild

被引：5

作者：

Ryu, Sukyoung ^{[1
]}

Park, Jihyeok ^{[1
]}

Park, Joonyoung ^{[1
]}

机构：

[1] Korea Adv Inst Sci & Technol, Sch Comp, Daejeon, South Korea

来源：

IEEE SOFTWARE | 2019年 / 36卷 / 03期

基金：

新加坡国家研究基金会;

关键词：

STATIC ANALYSIS;

D O I：

10.1109/MS.2018.110113408

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

We present our journey to analyze and find bugs in JavaScript web applications in the wild. We describe technical challenges in analyzing them and our solutions to address the challenges via a series of open source analysis frameworks, the scalable analysis framework for ECMAScript (SAFE) family.

引用

页码：74 / 82

页数：9

共 50 条

[31] Semantics and Analyses for Java']JavaScript and the Web
Krishnamurthi, Shriram
STATIC ANALYSIS, SAS 2012, 2012, 7460 : 4 - 4
[32] Essential Java']JavaScript for Web professionals
Corder, MC
TECHNICAL COMMUNICATION, 2004, 51 (03) : 429 - 430
[33] Spam and Java']JavaScript, future of the web
Andrew, Alex M.
KYBERNETES, 2008, 37 (9-10) : 1463 - 1465
[34] Java']JavaScript primer plus: Enhancing Web pages with Java']JavaScript programming language
Kelly, AG
INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT, 1998, 18 (02) : 162 - 162
[35] Finding and Preventing Bugs in Java']JavaScript Bindings
Brown, Fraser
Narayan, Shravan
Wahby, Riad S.
Engler, Dawson
Jhala, Ranjit
Stefan, Deian
2017 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2017, : 559 - 578
[36] All about the with Statement in Java']JavaScript: Removing with Statements in Java']JavaScript Applications
Park, Changhee
Lee, Hongki
Ryu, Sukyoung
ACM SIGPLAN NOTICES, 2014, 49 (02) : 73 - 84
[37] Java']JavaScript Errors in the Wild: An Empirical Study
Ocariza, Frolin S., Jr.
Pattabiraman, Karthik
Zorn, Benjamin
22ND IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING (ISSRE), 2011, : 100 - 109
[38] A Java']Javascript Web Framework for Rapid Development of Applications in IoT Systems for eHealth
Wahslen, Jonas
Lindh, Thomas
2018 IEEE 20TH INTERNATIONAL CONFERENCE ON E-HEALTH NETWORKING, APPLICATIONS AND SERVICES (HEALTHCOM), 2018,
[39] Detecting Concurrency Errors in Client-side Java']JavaScript Web Applications
Hong, Shin
Park, Yongbae
Kim, Moonzoo
2014 IEEE SEVENTH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION (ICST), 2014, : 61 - 70
[40] On Measuring Vulnerable Java']JavaScript Functions in the Wild
Kluban, Maryna
Mannan, Mohammad
Youssef, Amr
ASIA CCS'22: PROCEEDINGS OF THE 2022 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2022, : 917 - 930

← 1 2 3 4 5 →