  • DocumentCode
    2944463
  • Title
    A Symbolic Execution Framework for JavaScript
  • Author
    Saxena, Prateek ; Akhawe, Devdatta ; Hanna, Steve ; Mao, Feng ; McCamant, Stephen ; Song, Dawn
  • Author_Institution
    EECS Dept., Univ. of California, Berkeley, CA, USA
  • fYear
    2010
  • fDate
    16-19 May 2010
  • Firstpage
    513
  • Lastpage
    528
  • Abstract
    As AJAX applications gain popularity, client-side JavaScript code is becoming increasingly complex. However, few automated vulnerability analysis tools for JavaScript exist. In this paper, we describe the first system for exploring the execution space of JavaScript code using symbolic execution. To handle JavaScript code’s complex use of string operations, we design a new language of string constraints and implement a solver for it. We build an automatic end-to-end tool, Kudzu, and apply it to the problem of finding client-side code injection vulnerabilities. In experiments on 18 live web applications, Kudzu automatically discovers 2 previously unknown vulnerabilities and 9 more that were previously found only with a manually-constructed test suite.
  • Keywords
    Assembly; Computational modeling; Computer architecture; Digital signal processing; Digital signal processing chips; Java; Large scale integration; Logic; Registers; Telecommunication control;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Security and Privacy (SP), 2010 IEEE Symposium on
  • Conference_Location
    Oakland, CA, USA
  • ISSN
    1081-6011
  • Print_ISBN
    978-1-4244-6894-2
  • Electronic_ISBN
    1081-6011
  • Type
    conf
  • DOI
    10.1109/SP.2010.38
  • Filename
    5504700