A Practical Blended Analysis for Dynamic Features in JavaScript
| dc.contributor.author | Wei, Shiyi | en |
| dc.contributor.author | Ryder, Barbara G. | en |
| dc.contributor.department | Computer Science | en |
| dc.date.accessioned | 2013-06-19T14:36:32Z | en |
| dc.date.available | 2013-06-19T14:36:32Z | en |
| dc.date.issued | 2012 | en |
| dc.description.abstract | JavaScript is widely used in Web applications; however, its dynamism renders static analysis ineffective. Our JavaScript Blended Analysis Framework is designed to handle JavaScript dynamic features. It performs a flexible combined static/dynamic analysis. The blended analysis focuses static analysis on a dynamic calling structure collected at runtime in a lightweight manner, and refines the static analysis using dynamic information. The framework is instantiated for points-to analysis with stmt-level MOD analysis and tainted input analysis. Using JavaScript codes from actual webpages as benchmarks, we show that blended points-to analysis for JavaScript obtains good coverage (86.6% on average per website) of the pure static analysis solution and finds additional points-to pairs (7.0% on average per website) contributed by dynamically generated/loaded code. Blended tainted input analysis reports all 6 true positives reported by static analysis, but without false alarms, and finds three additional true positives. | en |
| dc.format.mimetype | application/pdf | en |
| dc.identifier | http://eprints.cs.vt.edu/archive/00001206/ | en |
| dc.identifier.sourceurl | http://eprints.cs.vt.edu/archive/00001206/01/BlendedJavaScript2clients.pdf | en |
| dc.identifier.trnumber | TR-12-18 | en |
| dc.identifier.uri | http://hdl.handle.net/10919/19421 | en |
| dc.language.iso | en | en |
| dc.publisher | Department of Computer Science, Virginia Polytechnic Institute & State University | en |
| dc.rights | In Copyright | en |
| dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | en |
| dc.subject | Information retrieval | en |
| dc.subject | Algorithms | en |
| dc.subject | Data structures | en |
| dc.title | A Practical Blended Analysis for Dynamic Features in JavaScript | en |
| dc.type | Technical report | en |
| dc.type.dcmitype | Text | en |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- BlendedJavaScript2clients.pdf
- Size:
- 224.78 KB
- Format:
- Adobe Portable Document Format