Samenvatting

Developing JavaScript and web applications with confidentiality and integrity guarantees is challenging. Information flow control enables the enforcement of such guarantees. However, the integration of this technique into software tools used by developers in their workflow is missing. In this paper we present GuardiaML, a machine learning-assisted dynamic information flow control tool for JavaScript web applications. GuardiaML enables developers to detect unwanted information flow from sensitive sources to public sinks. It can handle the DOM and interaction with internal and external libraries and services. Because the specification of sources and sinks can be tedious, GuardiaML assists in this process by suggesting the tagging of sources and sinks via a machine learning component.
Originele taal-2English
TitelProceedings of the 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019)
RedacteurenEmad Shihab, David Lo, Xinyu Wang
UitgeverijIEEE
Pagina's624-628
Aantal pagina's5
ISBN van elektronische versie9781728105918
ISBN van geprinte versie978-1-7281-0591-8
DOI's
StatusPublished - 15 mrt 2019
Evenement26th IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019) - Zhejiang University, Hangzhou, China
Duur: 24 feb 201927 feb 2019
Congresnummer: 26
https://saner2019.github.io

Publicatie series

NaamSANER 2019 - Proceedings of the 2019 IEEE 26th International Conference on Software Analysis, Evolution, and Reengineering

Conference

Conference26th IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019)
Verkorte titelSANER
LandChina
StadHangzhou
Periode24/02/1927/02/19
Internet adres

Vingerafdruk Duik in de onderzoeksthema's van 'GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control'. Samen vormen ze een unieke vingerafdruk.

Citeer dit