• DocumentCode
    1637292
  • Title

    Post-Dominator Analysis for Precisely Handling Implicit Flows

  • Author

    Bichhawat, Abhishek

  • Author_Institution
    Saarland Univ., Saarbrucken, Germany
  • Volume
    2
  • fYear
    2015
  • Firstpage
    787
  • Lastpage
    789
  • Abstract
    Most web applications today use JavaScript for including third-party scripts, advertisements etc., which pose a major security threat in the form of confidentiality and integrity violations. Dynamic information flow control helps address this issue of information stealing. Most of the approaches over-approximate when unstructured control flow comes into picture, thereby raising a lot of false alarms. We utilize the post-dominator analysis technique to determine the context of the program at a given point and prove that this approach is the most precise technique to handle implicit flows.
  • Keywords
    Java; authoring languages; program diagnostics; security of data; JavaScript; Web applications; confidentiality violations; dynamic information flow control; implicit flow handling; integrity violations; post-dominator analysis technique; security threat; unstructured control flow; Computer languages; Conferences; Context; Lattices; Programmable logic arrays; Security; Software engineering;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Engineering (ICSE), 2015 IEEE/ACM 37th IEEE International Conference on
  • Conference_Location
    Florence
  • Type

    conf

  • DOI
    10.1109/ICSE.2015.250
  • Filename
    7203071
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1637292