Code-Based Vulnerability Detection in Node.js Applications: How far are we?

With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in both open source and industrial software, we propose and imp...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE) S. 1199 - 1203
Hauptverfasser: Chinthanet, Bodin, Ponta, Serena Elisa, Plate, Henrik, Sabetta, Antonino, Kula, Raula Gaikovina, Ishio, Takashi, Matsumoto, Kenichi
Format: Tagungsbericht
Sprache:Englisch
Veröffentlicht: ACM 01.09.2020
Schlagworte:
Code-based
Complexity theory
Detectors
Node.js
Programming
Runtime environment
Software
Software Dependencies
Software engineering
Vulnerability Detection
ISSN:2643-1572
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in both open source and industrial software, we propose and implement a viable code-based vulnerability detection tool for Node.js applications. Our case study lists the challenges encountered while implementing our Node.js vulnerable code detector.
ISSN:2643-1572
DOI:10.1145/3324884.3421838