Suchergebnisse - untrusted JavaScript code

A client‐server JavaScript code rewriting‐based framework to detect the XSS worms from online social network von Gupta, Shashank, Gupta, B.B., Chaudhary, Pooja

“… This shifting is done for completely isolating the untrusted JavaScript code and data. The client‐side performs runtime monitoring of the dynamic JavaScript code to recognize the tainted flow of untrusted JavaScript variables …”
Volltext

Jailed JavaScript library runs untrusted code safely in browsers, Node.js von Yegulalp, Serdar

“… ] Jailed, written by JavaScript developer Dmitry Prokashev, uses native JavaScript functions to load a set of JavaScript code into a sandboxed environment and export functions to the outside world …”
Volltext

Automated Analysis of Security-Critical JavaScript APIs von Taly, A., Erlingsson, Mitchell, J. C., Miller, M. S., Nagra, J.

“… To provide services ranging from maps to advertisements, Web applications may incorporate untrusted JavaScript code from third parties …”
Volltext

A Large Scale Analysis of Android — Web Hybridization von Tiwari, Abhishek, Prakash, Jyoti, Groß, Sascha, Hammer, Christian

“… Many Android applications embed webpages via WebView components and execute JavaScript code within Android …”
Volltext

HybriDroid: Static analysis framework for Android hybrid applications von Sungho Lee, Dolby, Julian, Sukyoung Ryu

“… Moreover, because untrusted JavaScript code may access device-specific features via native code, hybrid apps may be vulnerable to various security attacks …”
Volltext

XSS-secure as a service for the platforms of online social network-based multimedia web applications in cloud von Gupta, Shashank, Gupta, B. B.

“… It operates in two modes: training and detection mode. The former mode sanitizes the extracted untrusted variables of JavaScript code in a context-aware manner …”
Volltext

Lightweight Enforcement of Fine-grained Security Policies for Untrusted Software von Phung, Phu H

“… This thesis presents an innovative approach to implementing a security enforcement mechanism in the contexts of untrusted software systems, where a piece of code in a base system may come from an untrusted third party …”
Volltext

LUDroid: A Large Scale Analysis of Android - Web Hybridization von Tiwari, Abhishek, Prakash, Jyoti, Gross, Sascha, Hammer, Christian

“… Many Android applications embed webpages via WebView components and execute JavaScript code within Android …”
Volltext

NodeXP: NOde.js server-side JavaScript injection vulnerability DEtection and eXPloitation von Ntantogian, Christoforos, Bountakas, Panagiotis, Antonaropoulos, Dimitris, Patsakis, Constantinos, Xenakis, Christos

“… ; Node.js is no exception, as Server-Side JavaScript Injection (SSJI) attacks are possible due to the use of vulnerable functions and neglecting to sanitize data input provided by untrusted sources …”
Volltext

Language-Based Isolation of Untrusted JavaScript von Maffeis, S., Taly, A.

“… We study language-based methods for filtering and rewriting JavaScript code, using Yahoo …”
Volltext

Sandboxing Untrusted JavaScript von Taly, Ankur

“… Such third-party content often comprises of executable code, commonly written in JavaScript, that runs together with Web site's code in the user's browser …”
Volltext

A comparative analysis of Cross Site Scripting (XSS) detecting and defensive techniques von Mahmoud, Shaimaa Khalifa, Alfonse, Marco, Roushdy, Mohamed Ismail, Salem, Abdel-Badeeh M.

“… is written in JavaScript code and injected within untrusted input data on the web application …”
Volltext

Hunting for DOM-Based XSS vulnerabilities in mobile cloud-based online social network von Gupta, Shashank, Gupta, B.B., Chaudhary, Pooja

“… The online mode detects the injection of untrusted script content in the DOM tree generated at runtime …”
Volltext

Detecting XSS Attack Using Principal Component Analysis And Naive Bayesian Techniques von Nagham kamil albusalih, Rana jumaa aljanabi

“… This malicious script is made of JavaScript code and is injected into the web application's untrusted input data …”
Volltext

InspectJS: Leveraging Code Similarity and User-Feedback for Effective Taint Specification Inference for JavaScript von Dutta, Saikat, Garbervetsky, Diego, Lahiri, Shuvendu K., Schafer, Max

“… Taint analysis in particular is a very general and powerful technique, where security policies are expressed in terms of forbidden flows, either from untrusted input sources to sensitive sinks …”
Volltext

Dynamic information flow analysis for JavaScript in a web browser von Austin, Thomas H

“… JavaScript has become a central technology of the web, but it is also the source of many security problems, including cross-site scripting attacks and malicious advertising code …”
Volltext

WebC： toward a portable framework for deploying legacy code in web browsers von Yin, Jie, Tan, Gang, Bai, XiaoLong, Hu, ShiMin

“… For security, most web applications are developed in some type-safe language, such as JavaScript or Java …”
Volltext

A Large Scale Analysis of Android-Web Hybridization von Tiwari, Abhishek, Prakash, Jyoti, Gross, Sascha, Hammer, Christian

“… Many Android applications embed webpages via WebView components and execute JavaScript code within Android …”
Volltext

CSSXC: Context-sensitive Sanitization Framework for Web Applications against XSS Vulnerabilities in Cloud Environments von Gupta, Shashank, Gupta, B.B.

“… the sanitizers on the untrusted variables of web application. The XSS attack mitigation capability of our framework was evaluated on web applications deployed for the cloud users in the cloud environment …”
Volltext

ESFuzzer: An Efficient Way to Fuzz WebAssembly Interpreter von Han, Jideng, Zhang, Zhaoxin, Du, Yuejin, Wang, Wei, Chen, Xiuyuan

“… This enables the execution of untrusted code in a web browser without compromising the security and integrity of the user’s system …”
Volltext