Suchergebnisse - JavaScript sandbox

JSCSP: A Novel Policy-Based XSS Defense Mechanism for Browsers von Xu, Guangquan, Xie, Xiaofei, Huang, Shuhan, Zhang, Jun, Pan, Lei, Lou, Wei, Liang, Kaitai

“… To explore the scalability of CSP, in this article, we propose JavaScript based CSP (JSCSP), which is able to support most of real-world browsers but also to generate security policies automatically …”
Volltext

Securing IoT devices using JavaScript based sandbox von Sahu, Ayush, Singh, Ashima

“… In this paper, we try to address the security issue by proposing JavaScript sandbox as a method to execute IoT program …”
Volltext

JavaScript malware behaviour analysis and detection using sandbox assisted ensemble model von Kishore, Pushkar, Barisal, Swadhin Kumar, Prasad Mohapatra, Durga

“… In this paper, we propose a novel technique for analysing and detecting JavaScript using sandbox assisted ensemble model …”
Volltext

Fakeium: A dynamic execution environment for JavaScript program analysis von Moreno, José Miguel, Vallina-Rodriguez, Narseo, Tapiador, Juan

“… The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server applications …”
Volltext

The Spy in the Sandbox -- Practical Cache Attacks in Javascript von Yossef Oren, Kemerlis, Vasileios P, Sethumadhavan, Simha, Keromytis, Angelos D

“… We present the first micro-architectural side-channel attack which runs entirely in the browser. In contrast to other works in this genre, this attack does not …”
Volltext

SoK: In Search of Lost Time: A Review of JavaScript Timers in Browsers von Rokicki, Thomas, Maurice, Clementine, Laperdrix, Pierre

“… They rely on subtle timing differences to infer information that should not be available inside of the JavaScript sandbox …”
Volltext

Next-generation antivirus for JavaScript malware detection based on dynamic features von de Lima, Sidney M. L., Souza, Danilo M., Pinheiro, Ricardo P., Silva, Sthéfano H. M. T., Lopes, Petrônio G., de Lima, Rafael D. T., de Oliveira, Jemerson R., Monteiro, Thyago de A., Fernandes, Sérgio M. M., Albuquerque, Edison de Q., da Silva, Washington W. A., dos Santos, Wellington P.

“… There are many kinds of Exploit Kits, each one being built with several vulnerabilities, but almost all of them are written in JavaScript …”
Volltext

A framework for leaking secrets to past instructions von Fustos, Jacob, Bechtel, Michael, Yun, Heechul

“… Transient execution attacks use microarchitectural covert channels to leak secrets that should not have been accessible during logical program execution …”
Volltext

Detection, Diagnosis and Mitigation of Malicious Javascript with Enriched Javascript Executions von Hu, Xunchao

“… Malicious JavaScript has become an important attack vector for software exploitation attacks and imposes a severe threat to computer security …”
Volltext

Eloquent JavaScript: A Modern Introduction to Programming von Haverbeke, Marijn

“… JavaScript lies at the heart of almost every modern web application, from social apps to the newest browser-based games …”
Volltext

Vulnerabilities in Android webview objects: Still not the end von El-Zawawy, Mohamed A., Losiouk, Eleonora, Conti, Mauro

“… Thus, while rendering web content a hybrid app can execute malicious Javascript code that can access the sensitive data on the device, bypassing the sandbox model usually adopted by standalone browsers …”
Volltext

Dynamic Analysis for JavaScript Code von Gong, Liang

“… Our extension of Jalangi intercepts and rewrites JavaScript code during network transmission. We also develop NodeSec, which is a dynamic instrumentation framework that traces and sandboxes the interactions …”
Volltext

ADsafety: Type-Based Verification of JavaScript Sandboxing von Joe Gibbs Politz, Eliopoulos, Spiridon, Guha, Arjun, Krishnamurthi, Shriram

“… These sources must be protected from one another, which requires robust sandboxing. The many entry-points of sandboxes and the subtleties of JavaScript demand robust verification of the actual sandbox source …”
Volltext

Hacky Racers: Exploiting Instruction-Level Parallelism to Generate Stealthy Fine-Grained Timers von Xiao, Haocheng, Ainsworth, Sam

“… , even in the presence of highly restricted JavaScript sandbox environments. While such environments try to mitigate timing side channels by reducing timer precision and removing language features such as \textit{SharedArrayBuffer …”
Volltext

Exploiting ML algorithms for Efficient Detection and Prevention of JavaScript-XSS Attacks in Android Based Hybrid Applications von Khalid, Usama, Abdullah, Muhammad, Inayat, Kashif

“… WebView is an important component in hybrid mobile applications which used to implements a sandbox mechanism to protect the local resources of smartphone devices from un-authorized access of JavaScript …”
Volltext

Transaction-based Sandboxing for JavaScript von Keil, Matthias, Thiemann, Peter

“… This paper presents design and implementation of DecentJS, a language-embedded sandbox for full JavaScript …”
Volltext

PDF Malicious Indicators Extraction Technique Based on Improved Symbolic Execution von Song, Enzhou, Hu, Tao, Yi, Peng, Wang, Wenbo

“… The malicious PDF document is a common attack method used by APT organizations.Analyzing extracted indicators of embedded JavaScript code is an important means to determine the maliciousness …”
Volltext

TreatJS: Higher-Order Contracts for JavaScript von Keil, Matthias, Thiemann, Peter

“… TreatJS is a language embedded, higher-order contract system for JavaScript which enforces contracts by run-time monitoring …”
Volltext

TreatJS: Higher-Order Contracts for JavaScript (Artifact) von Keil, Matthias, Thiemann, Peter

“… TreatJS is a language embedded, higher-order contract system for JavaScript which enforces contracts by run-time monitoring …”
Volltext

Adobe Zero-Day Attack Bypasses Sandbox von Schwartz, Mathew J

Volltext