Výsledky vyhledávání - untrusted JavaScript code*
Alternativní vyhledávání:
- untrusted JavaScript code* »
-
1
A client‐server JavaScript code rewriting‐based framework to detect the XSS worms from online social network
ISSN: 1532-0626, 1532-0634Vydáno: Hoboken Wiley Subscription Services, Inc 10.11.2019Vydáno v Concurrency and computation (10.11.2019)“… This shifting is done for completely isolating the untrusted JavaScript code and data. The client‐side performs runtime monitoring of the dynamic JavaScript code to recognize the tainted flow of untrusted JavaScript variables…”
Získat plný text
Journal Article -
2
Jailed JavaScript library runs untrusted code safely in browsers, Node.js
Vydáno: San Mateo Foundry 13.06.2016Vydáno v InfoWorld.com (13.06.2016)“… ] Jailed, written by JavaScript developer Dmitry Prokashev, uses native JavaScript functions to load a set of JavaScript code into a sandboxed environment and export functions to the outside world…”
Získat plný text
Trade Publication Article -
3
Automated Analysis of Security-Critical JavaScript APIs
ISBN: 1457701472, 9781457701474ISSN: 1081-6011Vydáno: IEEE 01.05.2011Vydáno v 2011 IEEE Symposium on Security and Privacy (01.05.2011)“… To provide services ranging from maps to advertisements, Web applications may incorporate untrusted JavaScript code from third parties…”
Získat plný text
Konferenční příspěvek
-
4
NodeXP: NOde.js server-side JavaScript injection vulnerability DEtection and eXPloitation
ISSN: 2214-2126Vydáno: Elsevier Ltd 01.05.2021Vydáno v Journal of information security and applications (01.05.2021)“…; Node.js is no exception, as Server-Side JavaScript Injection (SSJI) attacks are possible due to the use of vulnerable functions and neglecting to sanitize data input provided by untrusted sources…”
Získat plný text
Journal Article -
5
XSS-secure as a service for the platforms of online social network-based multimedia web applications in cloud
ISSN: 1380-7501, 1573-7721Vydáno: New York Springer US 01.02.2018Vydáno v Multimedia tools and applications (01.02.2018)“… It operates in two modes: training and detection mode. The former mode sanitizes the extracted untrusted variables of JavaScript code in a context-aware manner…”
Získat plný text
Journal Article -
6
A Large Scale Analysis of Android — Web Hybridization
ISSN: 0164-1212Vydáno: Elsevier Inc 01.12.2020Vydáno v The Journal of systems and software (01.12.2020)“…Many Android applications embed webpages via WebView components and execute JavaScript code within Android…”
Získat plný text
Journal Article -
7
Language-Based Isolation of Untrusted JavaScript
ISBN: 076953712X, 9780769537122ISSN: 1063-6900Vydáno: IEEE 01.07.2009Vydáno v 2009 22nd IEEE Computer Security Foundations Symposium (01.07.2009)“… We study language-based methods for filtering and rewriting JavaScript code, using Yahoo…”
Získat plný text
Konferenční příspěvek -
8
LUDroid: A Large Scale Analysis of Android - Web Hybridization
ISSN: 2470-6892Vydáno: IEEE 01.09.2019Vydáno v Proceedings / IEEE International Working Conference on Source Code Analysis and Manipulation (01.09.2019)“…Many Android applications embed webpages via WebView components and execute JavaScript code within Android…”
Získat plný text
Konferenční příspěvek -
9
Hunting for DOM-Based XSS vulnerabilities in mobile cloud-based online social network
ISSN: 0167-739X, 1872-7115Vydáno: Elsevier B.V 01.02.2018Vydáno v Future generation computer systems (01.02.2018)“… The online mode detects the injection of untrusted script content in the DOM tree generated at runtime…”
Získat plný text
Journal Article -
10
A comparative analysis of Cross Site Scripting (XSS) detecting and defensive techniques
Vydáno: IEEE 01.12.2017Vydáno v ICICIS : 2017 eighth International Conference on Intelligent Computing and Information Systems : 5-7 December 2017 (01.12.2017)“… is written in JavaScript code and injected within untrusted input data on the web application…”
Získat plný text
Konferenční příspěvek -
11
Lightweight Enforcement of Fine-grained Security Policies for Untrusted Software
ISBN: 1392367204, 9781392367209Vydáno: ProQuest Dissertations & Theses 01.01.2011“…This thesis presents an innovative approach to implementing a security enforcement mechanism in the contexts of untrusted software systems, where a piece of code in a base system may come from an untrusted third party…”
Získat plný text
Dissertation -
12
InspectJS: Leveraging Code Similarity and User-Feedback for Effective Taint Specification Inference for JavaScript
Vydáno: IEEE 01.05.2022Vydáno v 2022 IEEE/ACM 44th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP) (01.05.2022)“… Taint analysis in particular is a very general and powerful technique, where security policies are expressed in terms of forbidden flows, either from untrusted input sources to sensitive sinks…”
Získat plný text
Konferenční příspěvek -
13
WebC: toward a portable framework for deploying legacy code in web browsers
ISSN: 1674-733X, 1869-1919Vydáno: Beijing Science China Press 01.07.2015Vydáno v Science China. Information sciences (01.07.2015)“…For security, most web applications are developed in some type-safe language, such as JavaScript or Java…”
Získat plný text
Journal Article -
14
HybriDroid: Static analysis framework for Android hybrid applications
Vydáno: ACM 01.09.2016Vydáno v Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering (01.09.2016)“… Moreover, because untrusted JavaScript code may access device-specific features via native code, hybrid apps may be vulnerable to various security attacks…”
Získat plný text
Konferenční příspěvek -
15
Sandboxing Untrusted JavaScript
ISBN: 9798662531406Vydáno: ProQuest Dissertations & Theses 01.01.2013“… Such third-party content often comprises of executable code, commonly written in JavaScript, that runs together with Web site's code in the user's browser…”
Získat plný text
Dissertation -
16
CSSXC: Context-sensitive Sanitization Framework for Web Applications against XSS Vulnerabilities in Cloud Environments
ISSN: 1877-0509, 1877-0509Vydáno: Elsevier B.V 2016Vydáno v Procedia computer science (2016)“… the sanitizers on the untrusted variables of web application. The XSS attack mitigation capability of our framework was evaluated on web applications deployed for the cloud users in the cloud environment…”
Získat plný text
Journal Article -
17
InspectJS: Leveraging Code Similarity and User-Feedback for Effective Taint Specification Inference for JavaScript
ISSN: 2331-8422Vydáno: Ithaca Cornell University Library, arXiv.org 18.11.2021Vydáno v arXiv.org (18.11.2021)“… Taint analysis in particular is a very general and powerful technique, where security policies are expressed in terms of forbidden flows, either from untrusted input sources to sensitive sinks…”
Získat plný text
Paper -
18
Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution
ISSN: 2375-1207Vydáno: IEEE 01.05.2022Vydáno v Proceedings - IEEE Symposium on Security and Privacy (01.05.2022)“…, and more. Because web browsers execute untrusted code while potentially accessing sensitive information, they were considered prime targets for attacks and underwent significant changes to protect users…”
Získat plný text
Konferenční příspěvek -
19
ESFuzzer: An Efficient Way to Fuzz WebAssembly Interpreter
ISSN: 2079-9292, 2079-9292Vydáno: Basel MDPI AG 01.04.2024Vydáno v Electronics (Basel) (01.04.2024)“… This enables the execution of untrusted code in a web browser without compromising the security and integrity of the user’s system…”
Získat plný text
Journal Article -
20
Designing a XSS Defensive Framework for Web Servers Deployed in the Existing Smart City Infrastructure
ISSN: 1546-2234, 1546-5012Vydáno: Hershey IGI Global 01.10.2020Vydáno v Journal of organizational and end user computing (01.10.2020)“… the smart city environment. The proposed framework implements 2 approaches: first, it executes vulnerable flow tracking for filtering injected malicious scripting code in dynamic web pages…”
Získat plný text
Journal Article