A Practical Blended Analysis for Dynamic Features in JavaScript
(2012) A Practical Blended Analysis for Dynamic Features in JavaScript. Technical Report TR-12-18, Department of Computer Science, Virginia Tech.
Abstract
JavaScript is widely used in Web applications; however, its dynamism renders static analysis ineffective. Our JavaScript Blended Analysis Framework is designed to handle JavaScript dynamic features. It performs a flexible combined static/dynamic analysis. The blended analysis focuses static analysis on a dynamic calling structure collected at runtime in a lightweight manner, and refines the static analysis using dynamic information. The framework is instantiated for points-to analysis with stmt-level MOD analysis and tainted input analysis. Using JavaScript code from actual webpages as benchmarks, we show that blended points-to analysis for JavaScript obtains good coverage (86.6% on average per website) of the pure static analysis solution and finds additional points-to pairs (7.0% on average per website) contributed by dynamically generated/loaded code. Blended tainted input analysis reports all 6 true positives reported by static analysis, but without false alarms, and finds three additional true positives.
Item Type: | Departmental Technical Report |
---|---|
Keywords: | JavaScript, program analysis, points-to analysis, taint analysis |
Subjects: | Computer Science > Information Retrieval; Computer Science > Algorithms and Data Structure |
ID Code: | 1206 |
Deposited By: | Administrator, Eprints |
Deposited On: | 19 September 2012 |