Search Results - untrusted JavaScript code~

A client‐server JavaScript code rewriting‐based framework to detect the XSS worms from online social network by Gupta, Shashank, Gupta, B.B., Chaudhary, Pooja

“… This shifting is done for completely isolating the untrusted JavaScript code and data. The client‐side performs runtime monitoring of the dynamic JavaScript code to recognize the tainted flow of untrusted JavaScript variables…”
Get full text

Jailed JavaScript library runs untrusted code safely in browsers, Node.js by Yegulalp, Serdar

“… ] Jailed, written by JavaScript developer Dmitry Prokashev, uses native JavaScript functions to load a set of JavaScript code into a sandboxed environment and export functions to the outside world…”
Get full text

Automated Analysis of Security-Critical JavaScript APIs by Taly, A., Erlingsson, Mitchell, J. C., Miller, M. S., Nagra, J.

“… To provide services ranging from maps to advertisements, Web applications may incorporate untrusted JavaScript code from third parties…”
Get full text

A Large Scale Analysis of Android — Web Hybridization by Tiwari, Abhishek, Prakash, Jyoti, Groß, Sascha, Hammer, Christian

“…Many Android applications embed webpages via WebView components and execute JavaScript code within Android…”
Get full text

HybriDroid: Static analysis framework for Android hybrid applications by Sungho Lee, Dolby, Julian, Sukyoung Ryu

“… Moreover, because untrusted JavaScript code may access device-specific features via native code, hybrid apps may be vulnerable to various security attacks…”
Get full text

XSS-secure as a service for the platforms of online social network-based multimedia web applications in cloud by Gupta, Shashank, Gupta, B. B.

“… It operates in two modes: training and detection mode. The former mode sanitizes the extracted untrusted variables of JavaScript code in a context-aware manner…”
Get full text

Lightweight Enforcement of Fine-grained Security Policies for Untrusted Software by Phung, Phu H

“…This thesis presents an innovative approach to implementing a security enforcement mechanism in the contexts of untrusted software systems, where a piece of code in a base system may come from an untrusted third party…”
Get full text

LUDroid: A Large Scale Analysis of Android - Web Hybridization by Tiwari, Abhishek, Prakash, Jyoti, Gross, Sascha, Hammer, Christian

“…Many Android applications embed webpages via WebView components and execute JavaScript code within Android…”
Get full text

NodeXP: NOde.js server-side JavaScript injection vulnerability DEtection and eXPloitation by Ntantogian, Christoforos, Bountakas, Panagiotis, Antonaropoulos, Dimitris, Patsakis, Constantinos, Xenakis, Christos

“…; Node.js is no exception, as Server-Side JavaScript Injection (SSJI) attacks are possible due to the use of vulnerable functions and neglecting to sanitize data input provided by untrusted sources…”
Get full text

Language-Based Isolation of Untrusted JavaScript by Maffeis, S., Taly, A.

“… We study language-based methods for filtering and rewriting JavaScript code, using Yahoo…”
Get full text

Sandboxing Untrusted JavaScript by Taly, Ankur

“… Such third-party content often comprises of executable code, commonly written in JavaScript, that runs together with Web site's code in the user's browser…”
Get full text

A comparative analysis of Cross Site Scripting (XSS) detecting and defensive techniques by Mahmoud, Shaimaa Khalifa, Alfonse, Marco, Roushdy, Mohamed Ismail, Salem, Abdel-Badeeh M.

“… is written in JavaScript code and injected within untrusted input data on the web application…”
Get full text

Hunting for DOM-Based XSS vulnerabilities in mobile cloud-based online social network by Gupta, Shashank, Gupta, B.B., Chaudhary, Pooja

“… The online mode detects the injection of untrusted script content in the DOM tree generated at runtime…”
Get full text

Detecting XSS Attack Using Principal Component Analysis And Naive Bayesian Techniques by Nagham kamil albusalih, Rana jumaa aljanabi

“… This malicious script is made of JavaScript code and is injected into the web application's untrusted input data…”
Get full text

InspectJS: Leveraging Code Similarity and User-Feedback for Effective Taint Specification Inference for JavaScript by Dutta, Saikat, Garbervetsky, Diego, Lahiri, Shuvendu K., Schafer, Max

“… Taint analysis in particular is a very general and powerful technique, where security policies are expressed in terms of forbidden flows, either from untrusted input sources to sensitive sinks…”
Get full text

Dynamic information flow analysis for JavaScript in a web browser by Austin, Thomas H

“…JavaScript has become a central technology of the web, but it is also the source of many security problems, including cross-site scripting attacks and malicious advertising code…”
Get full text

WebC： toward a portable framework for deploying legacy code in web browsers by Yin, Jie, Tan, Gang, Bai, XiaoLong, Hu, ShiMin

“…For security, most web applications are developed in some type-safe language, such as JavaScript or Java…”
Get full text

A Large Scale Analysis of Android-Web Hybridization by Tiwari, Abhishek, Prakash, Jyoti, Gross, Sascha, Hammer, Christian

“…Many Android applications embed webpages via WebView components and execute JavaScript code within Android…”
Get full text

CSSXC: Context-sensitive Sanitization Framework for Web Applications against XSS Vulnerabilities in Cloud Environments by Gupta, Shashank, Gupta, B.B.

“… the sanitizers on the untrusted variables of web application. The XSS attack mitigation capability of our framework was evaluated on web applications deployed for the cloud users in the cloud environment…”
Get full text

ESFuzzer: An Efficient Way to Fuzz WebAssembly Interpreter by Han, Jideng, Zhang, Zhaoxin, Du, Yuejin, Wang, Wei, Chen, Xiuyuan

“… This enables the execution of untrusted code in a web browser without compromising the security and integrity of the user’s system…”
Get full text