Toward Analysis and Bug Finding in Java']JavaScript Web Applications in the Wild

被引：5

作者：

Ryu, Sukyoung ^{[1
]}

Park, Jihyeok ^{[1
]}

Park, Joonyoung ^{[1
]}

机构：

[1] Korea Adv Inst Sci & Technol, Sch Comp, Daejeon, South Korea

来源：

IEEE SOFTWARE | 2019年 / 36卷 / 03期

基金：

新加坡国家研究基金会;

关键词：

STATIC ANALYSIS;

D O I：

10.1109/MS.2018.110113408

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

We present our journey to analyze and find bugs in JavaScript web applications in the wild. We describe technical challenges in analyzing them and our solutions to address the challenges via a series of open source analysis frameworks, the scalable analysis framework for ECMAScript (SAFE) family.

引用

页码：74 / 82

页数：9

共 49 条

[1] Battles with False Positives in Static Analysis of Java']JavaScript Web Applications in the Wild
Park, Joonyoung
Lim, Inho
Ryu, Sukyoung
2016 IEEE/ACM 38TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING COMPANION (ICSE-C), 2016, : 61 - 70
[2] Journey to Find Bugs in Java']JavaScript Web Applications in the Wild
Ryu, Sukyoung
ACM SIGPLAN NOTICES, 2016, 51 (09) : 2 - 2
[3] Discovering Bug Patterns in Java']JavaScript
Hanam, Quinn
Brito, Fernando S. de M.
Mesbah, Ali
FSE'16: PROCEEDINGS OF THE 2016 24TH ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON FOUNDATIONS OF SOFTWARE ENGINEERING, 2016, : 144 - 156
[4] Eval Is Evil: Analyzing Performance of Web Applications Based on PHP and Java']JavaScript by Static Analysis
Shah, Nilay
Gubbala, Praveen
COMPUTING AND NETWORK SUSTAINABILITY, 2017, 12 : 109 - 117
[5] Learning How to Listen: Automatically Finding Bug Patterns in Event-Driven Java']JavaScript APIs
Arteca, Ellen
Schafer, Max
Tip, Frank
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2023, 49 (01) : 166 - 184
[6] All about the with Statement in Java']JavaScript: Removing with Statements in Java']JavaScript Applications
Park, Changhee
Lee, Hongki
Ryu, Sukyoung
ACM SIGPLAN NOTICES, 2014, 49 (02) : 73 - 84
[7] Elysia: Optimizing Java']JavaScript Web Framework
Archiwaranguprok, Chayapatr
Khunpanitchot, Kongkeit
Mano, Phoomparin
Toahchoodee, Manachai
39TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, SAC 2024, 2024, : 1789 - 1796
[8] Statically Checking Web API Requests in Java']JavaScript
Wittern, Erik
Ying, Annie T. T.
Zheng, Yunhui
Dolby, Julian
Laredo, Jim A.
2017 IEEE/ACM 39TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE), 2017, : 244 - 254
[9] DETECTING SERVER-SIDE ENDPOINTS IN WEB APPLICATIONS BASED ON STATIC ANALYSIS OF CLIENT-SIDE Java']JavaScript CODE
Sigalov, D. A.
Khashaev, A. A.
Gamayunov, D. Yu.
PRIKLADNAYA DISKRETNAYA MATEMATIKA, 2021, (53): : 32 - 54
[10] Finding Server-Side Endpoints with Static Analysis of Client-Side Java']JavaScript
Sigalov, Daniil
Gamayunov, Dennis
COMPUTER SECURITY. ESORICS 2023 INTERNATIONAL WORKSHOPS, CPS4CIP, PT II, 2024, 14399 : 442 - 458

← 1 2 3 4 5 →