计算机科学 ›› 2017, Vol. 44 ›› Issue (Z11): 322-328.doi: 10.11896/j.issn.1002-137X.2017.11A.068
孙雅静,赵旭,颜学雄,王清贤
SUN Ya-jing, ZHAO Xu, YAN Xue-xiong and WANG Qing-xian
摘要: 数据泄漏是导致Web沙箱逃逸的重要原因,即在未授权情况下,程序可以访问系统的敏感数据。已有的Web应用安全分析方法不完全适用于发现Web沙箱的数据泄漏。设计一种面向数据泄漏的Web沙箱测试方法,在JavaScript对象建模的基础上,首先,采用深度优先的策略遍历浏览器的原生对象,获取程序可直接访问的对象集合;其次,设计敏感点导向的封装对象测试算法,获取程序间接访问的对象集合;再次,设计了多程序数据泄漏的测试算法,获取程序间可能的通信路径;最后,对比测试结果和Web沙箱的规格,以识别Web沙箱的数据泄漏。设计并实现了Web沙箱测试系统(WSTS),同时测试了不同版本的ADsafe沙箱,实验结果显示,所提方法具有良好的数据泄漏发现能力。
[1] BHARGAVAN K,DELIGNAT L A,MAFFEIS S.DefensiveJavaScript[M]∥Foundations of Security Analysis and Design VII.Springer International Publishing,2014:88-123. [2] TRIPP O,FERRARA P,PISTOIA M.Hybrid security analysis of web javascript code via dynamic partial evaluation[C]∥Proceedings of the 2014 International Symposium on Software Testing and Analysis.ACM,2014:49-59. [3] POLITZ J G,ARJUN G,SHRIRAM K.Typed-based verification of Web sandboxes[J].Journal of Computer Security,2014,2(4):511-565. [4] MAASS M,SALES A,CHUNG B,et al.A systematic analysis of the science of sandboxing[J].BMC Evolutionary Biology ,2016,2(3):e43. [5] JavaScript and the Document Object Model.http://www.ibm.com/developerworks/web/library/wa-jsdom. [6] The Browser Object Model.http://msdn.microsoft.com/en-us/library/ms952643.aspx. [7] ECMAScript Language Specification 2015.http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-262.pdf. [8] DOUGLAS C.ADsafe.http://www.adsafe.org. [9] MARK S,MILLER S,BEN L,et al.Caja:Safe active content in sanitized JavaScript.http://google-caja,googlecode.com/files/caja-spec-2008-06-07.pdf. [10] Facebook.FBJS.http://developers.facebook.com/docs/fbjs. [11] SERGIO M,MITCHELL J C,TALY A.Isolating JavaScriptwith filters,rewriting,and wrapper [C]∥European Symposium on Research in Computer Security.Springer Berlin Heidelberg,2009:505-522. [12] TALY A,ERLINGSSON ,MITCHELL J C,et al.Automated analysis of security-critical javascript apis[C]∥ 2011 IEEE Symposium on Security and Privacy (SP).IEEE,2011:363-378. [13] POLITZ J G,SPIRIDON A E,ARJUN G,et al.ADsafety:Typed-based verification of JavaScript sandboxing[C]∥Proceedings of the 20th USENIX Conference on Security.2011. [14] POLITZ J G,ARJUN G,SHRIRAM K,Semantics and Types for Objects with First-Class Member Names[M]∥Workshop on Foundations of Object-Oriented Languages(FOOL).2012:15-22. [15] SAXENA P,AKHAWE D,HANNA S,et al.A symbolic execution framework for javascript[C]∥2010 IEEE Symposium on Security and Privacy (SP).IEEE,2010:513-528. [16] LI Y F,PARAMJIT K D,DAVID L D.Two decades of Web application testing-A Survey of recent advances[J].Information System,2014,43:20-54. [17] DANIEL M,JAMES W.Choosing Scrapy[J].Journal of Computing Sciences in Colleges,2015,31(1):83-89. |
No related articles found! |
|