JasFree: Grammar-free Program Analysis for JavaScript Bytecode

Bibliographic Details
Published in: IEEE ... International Conference on Trust, Security and Privacy in Computing and Communications (Online) pp. 326 - 337
Main Authors: Jiang, Hao; Lai, Haiwei; Wu, Si; Hua, Baojian
Format: Conference Proceeding
Language: English
Published: IEEE 17.12.2024
ISSN: 2324-9013
Description
Summary: JavaScript is rapidly being deployed as binaries in security-critical embedded domains, including IoT devices, edge computing, and smart automotive applications. Ensuring the security of JavaScript binaries in these domains necessitates comprehensive binary code analysis. However, despite the urgent need, a universal approach to analyzing JavaScript binaries is lacking due to the bytecode heterogeneity across the various JavaScript virtual machines. In this paper, to fill this gap, we present the first grammar-free, universal program analysis approach tailored for JavaScript binaries. We first design a syntax-independent intermediate representation called JasByte to encode diverse JavaScript binaries. We then develop a universal translator equipped with a set of APIs to transform JavaScript binaries into JasByte. We design a suite of program analysis algorithms for error detection, debugging, and fuzzing, to identify bugs in JavaScript VMs. We design and implement a software prototype JasFree and conduct extensive evaluations. Our results show that JasFree effectively enables construction of diverse static and dynamic analyses by reducing the overhead from 660.38% to 290.84%, outperforming the state-of-the-art tool Jalangi2. Moreover, JasFree facilitates effective mutation of JasByte, resulting in the detection of 25 new vulnerabilities, all of which were missed by existing methods.
DOI: 10.1109/TrustCom63139.2024.00066