Search Results - JavaScript sandbox

JSCSP: A Novel Policy-Based XSS Defense Mechanism for Browsers by Xu, Guangquan, Xie, Xiaofei, Huang, Shuhan, Zhang, Jun, Pan, Lei, Lou, Wei, Liang, Kaitai

“… To explore the scalability of CSP, in this article, we propose JavaScript based CSP (JSCSP), which is able to support most of real-world browsers but also to generate security policies automatically…”
Get full text

Securing IoT devices using JavaScript based sandbox by Sahu, Ayush, Singh, Ashima

“… In this paper, we try to address the security issue by proposing JavaScript sandbox as a method to execute IoT program…”
Get full text

JavaScript malware behaviour analysis and detection using sandbox assisted ensemble model by Kishore, Pushkar, Barisal, Swadhin Kumar, Prasad Mohapatra, Durga

“… In this paper, we propose a novel technique for analysing and detecting JavaScript using sandbox assisted ensemble model…”
Get full text

Fakeium: A dynamic execution environment for JavaScript program analysis by Moreno, José Miguel, Vallina-Rodriguez, Narseo, Tapiador, Juan

“…The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server applications…”
Get full text

The Spy in the Sandbox -- Practical Cache Attacks in Javascript by Yossef Oren, Kemerlis, Vasileios P, Sethumadhavan, Simha, Keromytis, Angelos D

“…We present the first micro-architectural side-channel attack which runs entirely in the browser. In contrast to other works in this genre, this attack does not…”
Get full text

SoK: In Search of Lost Time: A Review of JavaScript Timers in Browsers by Rokicki, Thomas, Maurice, Clementine, Laperdrix, Pierre

“… They rely on subtle timing differences to infer information that should not be available inside of the JavaScript sandbox…”
Get full text

Next-generation antivirus for JavaScript malware detection based on dynamic features by de Lima, Sidney M. L., Souza, Danilo M., Pinheiro, Ricardo P., Silva, Sthéfano H. M. T., Lopes, Petrônio G., de Lima, Rafael D. T., de Oliveira, Jemerson R., Monteiro, Thyago de A., Fernandes, Sérgio M. M., Albuquerque, Edison de Q., da Silva, Washington W. A., dos Santos, Wellington P.

“…There are many kinds of Exploit Kits, each one being built with several vulnerabilities, but almost all of them are written in JavaScript…”
Get full text

A framework for leaking secrets to past instructions by Fustos, Jacob, Bechtel, Michael, Yun, Heechul

“…Transient execution attacks use microarchitectural covert channels to leak secrets that should not have been accessible during logical program execution…”
Get full text

Detection, Diagnosis and Mitigation of Malicious Javascript with Enriched Javascript Executions by Hu, Xunchao

“…Malicious JavaScript has become an important attack vector for software exploitation attacks and imposes a severe threat to computer security…”
Get full text

Eloquent JavaScript: A Modern Introduction to Programming by Haverbeke, Marijn

“…JavaScript lies at the heart of almost every modern web application, from social apps to the newest browser-based games…”
Get full text

Vulnerabilities in Android webview objects: Still not the end by El-Zawawy, Mohamed A., Losiouk, Eleonora, Conti, Mauro

“… Thus, while rendering web content a hybrid app can execute malicious Javascript code that can access the sensitive data on the device, bypassing the sandbox model usually adopted by standalone browsers…”
Get full text

Dynamic Analysis for JavaScript Code by Gong, Liang

“… Our extension of Jalangi intercepts and rewrites JavaScript code during network transmission. We also develop NodeSec, which is a dynamic instrumentation framework that traces and sandboxes the interactions…”
Get full text

ADsafety: Type-Based Verification of JavaScript Sandboxing by Joe Gibbs Politz, Eliopoulos, Spiridon, Guha, Arjun, Krishnamurthi, Shriram

“… These sources must be protected from one another, which requires robust sandboxing. The many entry-points of sandboxes and the subtleties of JavaScript demand robust verification of the actual sandbox source…”
Get full text

Hacky Racers: Exploiting Instruction-Level Parallelism to Generate Stealthy Fine-Grained Timers by Xiao, Haocheng, Ainsworth, Sam

“…, even in the presence of highly restricted JavaScript sandbox environments. While such environments try to mitigate timing side channels by reducing timer precision and removing language features such as \textit{SharedArrayBuffer…”
Get full text

Exploiting ML algorithms for Efficient Detection and Prevention of JavaScript-XSS Attacks in Android Based Hybrid Applications by Khalid, Usama, Abdullah, Muhammad, Inayat, Kashif

“… WebView is an important component in hybrid mobile applications which used to implements a sandbox mechanism to protect the local resources of smartphone devices from un-authorized access of JavaScript…”
Get full text

Transaction-based Sandboxing for JavaScript by Keil, Matthias, Thiemann, Peter

“… This paper presents design and implementation of DecentJS, a language-embedded sandbox for full JavaScript…”
Get full text

TreatJS: Higher-Order Contracts for JavaScript by Keil, Matthias, Thiemann, Peter

“…TreatJS is a language embedded, higher-order contract system for JavaScript which enforces contracts by run-time monitoring…”
Get full text

TreatJS: Higher-Order Contracts for JavaScript (Artifact) by Keil, Matthias, Thiemann, Peter

“…TreatJS is a language embedded, higher-order contract system for JavaScript which enforces contracts by run-time monitoring…”
Get full text

Adobe Zero-Day Attack Bypasses Sandbox by Schwartz, Mathew J

Get full text

O'REILLY: Apply JavaScript to Today's Programming Challenges O'Reilly Releases "Learning JavaScript"

“…Farnham, UK--Revered by some for its capabilities and disdained by others for its simplicity, JavaScript has moved in and out of the limelight since its introduction in 1995…”
Get full text