The effectiveness of the widely adopted static analysis tools is often limited by JavaScript’s dynamic nature and the need to over-approximate runtime behaviors. To tackle this challenge, we research robust dynamic analysis techniques for real-world JavaScript code.To analyze front-end web applications, we first extend Jalangi which is a dynamic analysis framework based on source code instrumentation. Our extension of Jalangi intercepts and rewrites JavaScript code during network transmission. We also develop NodeSec, which is a dynamic instrumentation framework that traces and sandboxes the interactions between a Node.js program and the operating system. Based on the two frameworks, we research dynamic analysis techniques to detect correct...
Static flow analyses compute a safe approximation of a program’s dataflow without executing it. Dyna...
Web application scanners are popular tools to perform black box testing and are widely used to disco...
JavaScript is a dynamic object-oriented programming language, which is designed with flexi-ble progr...
The effectiveness of the widely adopted static analysis tools is often limited by JavaScript’s dynam...
JavaScript has become one of the most popular programming languages, yet it is known for its subopti...
Static analysis techniques provide a means to detect software errors early in the development proces...
JavaScript is widespread. Web developers use JavaScript to enrich user experience via dynamic conten...
JavaScript is widely used for writing client-side web applica-tions and is getting increasingly popu...
Due to the increased usage of JavaScript in web applications and the speed at which web technologies...
Although the dynamicity of languages such as JavaScript threatens our ability to understand them, by...
Most modern JavaScript engines use just-in-time (JIT) compilation to translate parts of JavaScript c...
Due to the increased usage of JavaScript in web applications and the speed at which web technologies...
JavaScript has become a central technology of the web, but it is also the source of many security pr...
Asynchrony has become an inherent element of JavaScript, as an effort to improve the scalability and...
The JavaScript Blended Analysis Framework is designed to perform a general-purpose, practical combin...
Static flow analyses compute a safe approximation of a program’s dataflow without executing it. Dyna...
Web application scanners are popular tools to perform black box testing and are widely used to disco...
JavaScript is a dynamic object-oriented programming language, which is designed with flexi-ble progr...
The effectiveness of the widely adopted static analysis tools is often limited by JavaScript’s dynam...
JavaScript has become one of the most popular programming languages, yet it is known for its subopti...
Static analysis techniques provide a means to detect software errors early in the development proces...
JavaScript is widespread. Web developers use JavaScript to enrich user experience via dynamic conten...
JavaScript is widely used for writing client-side web applica-tions and is getting increasingly popu...
Due to the increased usage of JavaScript in web applications and the speed at which web technologies...
Although the dynamicity of languages such as JavaScript threatens our ability to understand them, by...
Most modern JavaScript engines use just-in-time (JIT) compilation to translate parts of JavaScript c...
Due to the increased usage of JavaScript in web applications and the speed at which web technologies...
JavaScript has become a central technology of the web, but it is also the source of many security pr...
Asynchrony has become an inherent element of JavaScript, as an effort to improve the scalability and...
The JavaScript Blended Analysis Framework is designed to perform a general-purpose, practical combin...
Static flow analyses compute a safe approximation of a program’s dataflow without executing it. Dyna...
Web application scanners are popular tools to perform black box testing and are widely used to disco...
JavaScript is a dynamic object-oriented programming language, which is designed with flexi-ble progr...