Computer Science Technical Reports
CS at VT

A Practical Blended Analysis for Dynamic Features in JavaScript

Wei, Shiyi and Ryder, Barbara G. (2012) A Practical Blended Analysis for Dynamic Features in JavaScript. Technical Report TR-12-18, Department of Computer Science, Virginia Tech.

Full text available as:
PDF - Requires Adobe Acrobat Reader or other PDF viewer.
BlendedJavaScript2clients.pdf (230175)


JavaScript is widely used in Web applications; however, its dynamism renders static analysis ineffective. Our JavaScript Blended Analysis Framework is designed to handle JavaScript dynamic features. It performs a flexible combined static/dynamic analysis. The blended analysis focuses static analysis on a dynamic calling structure collected at runtime in a lightweight manner, and refines the static analysis using dynamic information. The framework is instantiated for points-to analysis with stmt-level MOD analysis and tainted input analysis. Using JavaScript codes from actual webpages as benchmarks, we show that blended points-to analysis for JavaScript obtains good coverage (86.6% on average per website) of the pure static analysis solution and finds additional points-to pairs (7.0% on average per website) contributed by dynamically generated/loaded code. Blended tainted input analysis reports all 6 true positives reported by static analysis, but without false alarms, and finds three additional true positives.

Item Type:Departmental Technical Report
Keywords:JavaScript, program analysis, points-to analysis, taint analysis
Subjects:Computer Science > Information Retrieval
Computer Science > Algorithms and Data Structure
ID Code:1206
Deposited By:Administrator, Eprints
Deposited On:19 September 2012