JavaScript Instrumentation in Practice

14 years 1 months ago

Download www.docomolabsresearchers-usa.com

JavaScript has been exploited to launch various browser-based attacks. Our previous work proposed a theoretical framework applying policy-based code instrumentation to JavaScript. This paper further reports our experience carrying out the theory in practice. Specifically, we discuss how the instrumentation is performed on various JavaScript and HTML syntactic constructs, present a new policy construction method for facilitating the creation and compilation of security policies, and document various practical difficulties arose during our prototyping. Our prototype currently works with several different web browsers, including Safari Mobile running on iPhones. We report our results based on experiments using representative real-world web applications.

Haruka Kikuchi, Dachuan Yu, Ajay Chander, Hiroshi

Real-time Traffic

APLAS 2008 | Policy-based Code Instrumentation | Programming Languages | Various Browser-based Attacks | Various Practical Difficulties |

claim paper

Post Info
More Details (n/a)

Added	12 Oct 2010
Updated	12 Oct 2010
Type	Conference
Year	2008
Where	APLAS
Authors	Haruka Kikuchi, Dachuan Yu, Ajay Chander, Hiroshi Inamura, Igor Serikov

Comments (0)

Sciweavers

JavaScript Instrumentation in Practice

APLAS 2008 | Policy-based Code Instrumentation | Programming Languages | Various Browser-based Attacks | Various Practical Difficulties |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers