Computer Science ›› 2017, Vol. 44 ›› Issue (11): 22-26.doi: 10.11896/j.issn.1002-137X.2017.11.004
Previous Articles Next Articles
GONG Wei-gang, YOU Wei, LI Zan, SHI Wen-chang and LIANG Bin
[1] GUARNIERI S,LIVSHITS V B.GATEKEEPER:Mostly StaticEnforcement of Security and Reliability Policies for JavaScript Code[C]∥Proceedings of the 18th Conference on USENIX Security Symposium.New York,USA:ACM,2009:78-85. [2] GUARNIERI S,PISTOIA M,TRIPP O,et al.Saving the world wide web from vulnerable JavaScript[C]∥Proceedings of the 2011 International Symposium on Software Testing and Analysis.New York,USA:ACM,2011:177-187. [3] GUHA A,KRISHAMURTHI S,JIM T.Using static analysis for Ajax intrusion detection[C]∥Proceedings of the 18th International Conference on World Wide Web.New York,USA:ACM,2009:561-570. [4] XU W,ZHANG F F,ZHU S C.The power of obfuscation techniques in malicious JavaScript code:A measurement study[C]∥Proceedings of the 2012 7th International Conference on Malicious and Unwanted Software.Washington DC,USA:IEEE,2012:9-16. [5] RATANAWORABHAN P,LIVSHITS B,ZORN B G.JSMe-ter:Comparing the Behavior of JavaScript Benchmarks with Real Web Applications[C]∥Usenix Conference on Web Application Development.2010. [6] RICHARDS G,HAMMER C,BURG B,et al.The eval that men do[M]∥ECOOP 2011-Object-Oriented Programming.Springer Berlin Heidelberg,2011:52-78. [7] RICHARDS G,LEBRESNE S,BURG B,et al.An analysis of the dynamic behavior of JavaScript programs[J].ACM SIGPLAN Notices,2010,45(6):1-12. [8] WEI S,RYDER B G.Practical blended taint analysis for Java-Script[C]∥Proceedings of the 2013 International Symposium on Software Testing and Analysis.New York,USA:ACM,2013:336-346. [9] CHUGH R,MEISTER J A,JHALA R,et al.Staged informa-tion flow for JavaScript[C]∥Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation.New York,USA:ACM,2009:50-62. [10] VOGT P,NENTWICH F,JOVANOVIC N,et al.Cross SiteScripting Prevention with Dynamic Data Tainting and Static Analysis[C]∥The 14th Annual Network & Distributed System Security Symposium.Reston,USA:ISOC,2007:12. [11] SCHFER M,SRIDHARAN M,DOLBY J,et al.Dynamic determinacy analysis[C]∥Proceedings of the 2013 ACM SIGPLAN Conference on Programming Language Design and Implementation.New York,USA:ACM,2013:165-174. [12] Google.Chrome V8[EB/OL].[2016-07-07].https://developers.google.com/v8. [13] Adobe.Adobe PhoneGap[EB/OL].[2016-07-07].http://phonega p.com. [14] CHUDNOV A,NAUMANN D A.Inlined information flow monitoring for JavaScript[C]∥Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM,2015:629-643. [15] JANG D,JHALA R,LERNER S,et al.An empirical study of privacy-violating information flows in JavaScript Web applications[C]∥Proceedings of the 17th ACM Conference on Computer and Communication Security.New York,USA:ACM,2010:270-283. |
No related articles found! |
|