English
Related papers

Related papers: Fakeium: A Dynamic Execution Environment for JavaS…

200 papers

Secret-dependent timing behavior in cryptographic implementations has resulted in exploitable vulnerabilities, undermining their security. Over the years, numerous tools to automatically detect timing leakage or even to prove their absence…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Florian Sieck , Anna Pätschke , Thomas Eisenbarth

The development of a real-time web application often starts with a feature-driven approach allowing to quickly react to users feedbacks. However, this approach poorly scales in performance. Yet, the user-base can increase by an order of…

Programming Languages · Computer Science 2015-12-23 Etienne Brodu , Stéphane Frénot , Frédéric Oblé

This work addresses JavaScript malware detection to enhance client-side web application security with a behavior-based system. The ability to detect malicious JavaScript execution sequences is a critical problem in modern web security as…

Cryptography and Security · Computer Science 2025-05-28 Pedro Pereira , José Gonçalves , João Vitorino , Eva Maia , Isabel Praça

The popularity and wide adoption of JavaScript both at the client and server side makes its code analysis more important than ever before. Most of the algorithms for vulnerability analysis, coding issue detection, or type inference rely on…

Software Engineering · Computer Science 2024-05-14 Gábor Antal , Péter Hegedűs , Zoltán Tóth , Rudolf Ferenc , Tibor Gyimóthy

Static analysis is a growing application of software engineering, leading to a range of essential security tools, bug-finding tools, as well as software verification. Recent years show an increase of universal static analysis tools that…

Programming Languages · Computer Science 2024-04-22 Avi Hayoun , Veselin Raychev , Jack Hair

JavaScript is an interpreted language mainly known for its inclusion in web browsers, making them a container for rich Internet based applications. This has inspired its use, for a long time, as a tool for evolutionary algorithms, mainly so…

Distributed, Parallel, and Cluster Computing · Computer Science 2016-01-08 Juan-J. Merelo , Mario García-Valdez , Pedro A. Castillo , Pablo García-Sánchez , P. de las Cuevas , Nuria Rico

Static program analysis development is a non-trivial and time-consuming task. We present a framework through which developers can define static program analyses in natural language. We show the application of this framework to identify…

Programming Languages · Computer Science 2023-01-13 Mohammad Mehdi Pourhashem Kallehbasti , Mohammad Ghafari

Traffic analysis attacks remain a significant problem for online security. Communication between nodes can be observed by network level attackers as it inherently takes place in the open. Despite online services increasingly using encrypted…

Cryptography and Security · Computer Science 2025-07-04 Jeppe Fredsgaard Blaabjerg , Aslan Askarov

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

Dynamic programming languages, such as PHP, JavaScript, and Python, provide built-in data structures including associative arrays and objects with similar semantics-object properties can be created at run-time and accessed via arbitrary…

Software Engineering · Computer Science 2014-05-07 David Hauzar , Jan Kofroň , Pavel Baštecký

Many important security problems in JavaScript, such as browser extension security, untrusted JavaScript libraries and safe integration of mutually distrustful websites (mash-ups), may be effectively addressed using an efficient…

Programming Languages · Computer Science 2015-01-20 Stefan Heule , Deian Stefan , Edward Z. Yang , John C. Mitchell , Alejandro Russo

Researchers have developed various techniques for static analysis of JavaScript to improve analysis precision. To develop such techniques, they first identify causes of the precision losses for unproven properties. While most of the…

Programming Languages · Computer Science 2019-09-30 Hongki Lee , Changhee Park , Sukyoung Ryu

We describe JSAI, an abstract interpreter for JavaScript. JSAI uses novel abstract domains to compute a reduced product of type inference, pointer analysis, string analysis, integer and boolean constant propagation, and control-flow…

Programming Languages · Computer Science 2014-03-18 Vineeth Kashyap , Kyle Dewey , Ethan A. Kuefner , John Wagner , Kevin Gibbons , John Sarracino , Ben Wiedermann , Ben Hardekopf

Regular expressions are a concise yet expressive language for expressing patterns. For instance, in networked software, they are used for input validation and intrusion detection. Yet some widely deployed regular expression matchers based…

Programming Languages · Computer Science 2013-01-08 James Kirrage , Asiri Rathnayake , Hayo Thielecke

Static analysis tools are traditionally used to detect and flag programs that violate properties. We show that static analysis tools can also be used to perturb programs that satisfy a property to construct variants that violate the…

Information flow analysis prevents secret or untrusted data from flowing into public or trusted sinks. Existing mechanisms cover a wide array of options, ranging from lightweight taint analysis to heavyweight information flow control that…

Cryptography and Security · Computer Science 2019-06-28 Cristian-Alexandru Staicu , Daniel Schoepe , Musard Balliu , Michael Pradel , Andrei Sabelfeld

There is a vast gap in the quality of IDE tooling between static languages like Java and dynamic languages like Python or JavaScript. Modern frameworks and libraries in these languages heavily use their dynamic capabilities to achieve the…

Programming Languages · Computer Science 2024-02-01 Franciszek Piszcz

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

Modern websites extensively rely on JavaScript to implement both functionality and tracking. Existing privacy enhancing content blocking tools struggle against mixed scripts, which simultaneously implement both functionality and tracking,…

Cryptography and Security · Computer Science 2024-05-29 Abdul Haddi Amjad , Shaoor Munir , Zubair Shafiq , Muhammad Ali Gulzar

JavaScript, a scripting language employed to augment the capabilities of web browsers within web pages or browser extensions, utilizes code segments termed JavaScript inclusions. While the security aspects of JavaScript inclusions in web…

Cryptography and Security · Computer Science 2025-05-27 Chong Guan