Code-Based Vulnerability Detection in Node.js Applications: How far are we?

With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in both open source and industrial software, we propose and imp...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE) s. 1199 - 1203
Hlavní autori: Chinthanet, Bodin, Ponta, Serena Elisa, Plate, Henrik, Sabetta, Antonino, Kula, Raula Gaikovina, Ishio, Takashi, Matsumoto, Kenichi
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: ACM 01.09.2020
Predmet:
Code-based
Complexity theory
Detectors
Node.js
Programming
Runtime environment
Software
Software Dependencies
Software engineering
Vulnerability Detection
ISSN:2643-1572
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in both open source and industrial software, we propose and implement a viable code-based vulnerability detection tool for Node.js applications. Our case study lists the challenges encountered while implementing our Node.js vulnerable code detector.
ISSN:2643-1572
DOI:10.1145/3324884.3421838