ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Staged information flow for javascript
Full text PdfPdf (530 KB)
Source
Conference on Programming Language Design and Implementation archive
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation table of contents
Dublin, Ireland
SESSION: Program analysis for security table of contents
Pages 50-62  
Year of Publication: 2009
ISBN:978-1-60558-392-1
Also published in ...
Authors
Ravi Chugh  University of California, San Diego, San Diego, CA, USA
Jeffrey A. Meister  University of California, San Diego, San Diego, CA, USA
Ranjit Jhala  University of California, San Diego, San Diego, CA, USA
Sorin Lerner  University of California, San Diego, San Diego, CA, USA
Sponsors
SIGPLAN: ACM Special Interest Group on Programming Languages
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 40,   Downloads (12 Months): 156,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1542476.1542483
What is a DOI?

ABSTRACT

Modern websites are powered by JavaScript, a flexible dynamic scripting language that executes in client browsers. A common paradigm in such websites is to include third-party JavaScript code in the form of libraries or advertisements. If this code were malicious, it could read sensitive information from the page or write to the location bar, thus redirecting the user to a malicious page, from which the entire machine could be compromised. We present an information-flow based approach for inferring the effects that a piece of JavaScript has on the website in order to ensure that key security properties are not violated. To handle dynamically loaded and generated JavaScript, we propose a framework for staging information flow properties. Our framework propagates information flow through the currently known code in order to compute a minimal set of syntactic residual checks that are performed on the remaining code when it is dynamically loaded. We have implemented a prototype framework for staging information flow. We describe our techniques for handling some difficult features of JavaScript and evaluate our system's performance on a variety of large real-world websites. Our experiments show that static information flow is feasible and efficient for JavaScript, and that our technique allows the enforcement of information-flow policies with almost no run-time overhead.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
English: Alexa top 100 sites, November 2008. http://www.alexa.com.
 
2
Google web toolkit, November 2008. http://code.google.com/webtoolkit/.
 
3
Jsure, November 2008. http://www.jsure.org/.
 
4
Volta, November 2008. http://live.labs.com/volta.
 
5
T. Amtoft and A. Banerjee. Information flow analysis in logical form. In SAS, pages 100--115, 2004.
 
6
C. Anderson, P. Giannini, and S. Drossopoulou. Towards type inference for javascript. In ECOOP, pages 428--452, 2005.
7
Stephen Chong , Jed Liu , Andrew C. Myers , Xin Qi , K. Vikram , Lantian Zheng , Xin Zheng, Secure web applications via automatic partitioning, Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, October 14-17, 2007, Stevenson, Washington, USA
 
8
Jim Chow , Ben Pfaff , Tal Garfinkel , Kevin Christopher , Mendel Rosenblum, Understanding data lifetime via whole system simulation, Proceedings of the 13th conference on USENIX Security Symposium, p.22-22, August 09-13, 2004, San Diego, CA
9
Petros Efstathopoulos , Maxwell Krohn , Steve VanDeBogart , Cliff Frey , David Ziegler , Eddie Kohler , David Mazières , Frans Kaashoek , Robert Morris, Labels and event processes in the asbestos operating system, Proceedings of the twentieth ACM symposium on Operating systems principles, October 23-26, 2005, Brighton, United Kingdom
 
10
Manuel Fähndrich , Alexander Aiken, Program Analysis Using Mixed Term and Set Constraints, Proceedings of the 4th International Symposium on Static Analysis, p.114-126, September 08-10, 1997
 
11
Manuel Fahndrich , Jeffrey Foster , Jason Cu , Alexander Aiken, Tracking down Exceptions in Standard ML Programs, University of California at Berkeley, Berkeley, CA, 1998
12
Cormac Flanagan , Matthias Felleisen, Componential set-based analysis, ACM Transactions on Programming Languages and Systems (TOPLAS), v.21 n.2, p.370-416, March 1999  [doi>10.1145/316686.316703]
13
Jeffrey S. Foster , Manuel Fähndrich , Alexander Aiken, A theory of type qualifiers, Proceedings of the ACM SIGPLAN 1999 conference on Programming language design and implementation, p.192-203, May 01-04, 1999, Atlanta, Georgia, United States
 
14
Jeffrey S. Foster , Manuel Fähndrich , Alexander Aiken, Polymorphic versus Monomorphic Flow-Insensitive Points-to Analysis for C, Proceedings of the 7th International Symposium on Static Analysis, p.175-198, June 29-July 01, 2000
 
15
J. A. Goguen and J. Meseguer. Security policies and security models. In IEEE Symposium on Security and Privacy, pages 11--20, 1982.
16
Ben Hardekopf , Calvin Lin, The ant and the grasshopper: fast and accurate pointer analysis for millions of lines of code, Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation, June 10-13, 2007, San Diego, California, USA
17
David Herman , Cormac Flanagan, Status report: specifying javascript with ML, Proceedings of the 2007 workshop on Workshop on ML, October 05-05, 2007, Freiburg, Germany  [doi>10.1145/1292535.1292543]
18
Trevor Jim , Nikhil Swamy , Michael Hicks, Defeating script injection attacks with browser-enforced embedded policies, Proceedings of the 16th international conference on World Wide Web, May 08-12, 2007, Banff, Alberta, Canada  [doi>10.1145/1242572.1242654]
 
19
Nenad Jovanovic , Christopher Kruegel , Engin Kirda, Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper), Proceedings of the 2006 IEEE Symposium on Security and Privacy, p.258-263, May 21-24, 2006  [doi>10.1109/SP.2006.29]
 
20
J. Kodumal and A. Aiken. Banshee: A scalable constraint-based analysis toolkit. In SAS, pages 218--234, 2005.
21
Monica S. Lam , Michael Martin , Benjamin Livshits , John Whaley, Securing web applications with static and dynamic information flow tracking, Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation, p.3-12, January 07-08, 2008, San Francisco, California, USA  [doi>10.1145/1328408.1328410]
 
22
B. Livshits and S. Guarnieri. Gatekeeper: Mostly static enforcement of security and reliability policies for javascript code. Technical Report MSR-TR-2009-16, Microsoft Research, Feb. 2009.
 
23
A. C. Myers. Programming with explicit security policies. In ESOP, pages 1--4, 2005.
 
24
J. Newsome and D. X. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In NDSS, 2005.
25
François Pottier , Vincent Simonet, Information flow inference for ML, Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.319-330, January 16-18, 2002, Portland, Oregon
26
Polyvios Pratikakis , Jeffrey S. Foster , Michael Hicks, LOCKSMITH: context-sensitive correlation analysis for race detection, Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation, June 11-14, 2006, Ottawa, Ontario, Canada
 
27
Niels Provos , Dean McNamee , Panayiotis Mavrommatis , Ke Wang , Nagendra Modadugu, The ghost in the browser analysis of web-based malware, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, p.4-4, April 10, 2007, Cambridge, MA
 
28
Umesh Shankar , Kunal Talwar , Jeffrey S. Foster , David Wagner, Detecting format string vulnerabilities with type qaualifiers, Proceedings of the 10th conference on USENIX Security Symposium, p.16-16, August 13-17, 2001, Washington, D.C.
29
G. Edward Suh , Jae W. Lee , David Zhang , Srinivas Devadas, Secure program execution via dynamic information flow tracking, Proceedings of the 11th international conference on Architectural support for programming languages and operating systems, October 07-13, 2004, Boston, MA, USA
 
30
T. Terauchi and A. Aiken. Secure information flow as a safety problem. In SAS, pages 352---367, 2005.
 
31
P. Thiemann. Towards a type system for analyzing javascript programs. In ESOP, pages 408--422, 2005.
 
32
Neil Vachharajani , Matthew J. Bridges , Jonathan Chang , Ram Rangan , Guilherme Ottoni , Jason A. Blome , George A. Reis , Manish Vachharajani , David I. August, RIFLE: An Architectural Framework for User-Centric Information-Flow Security, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.243-254, December 04-08, 2004, Portland, Oregon  [doi>10.1109/MICRO.2004.31]
33
Dennis Volpano , Geoffrey Smith, Verifying secrets and relative secrecy, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.268-276, January 19-21, 2000, Boston, MA, USA  [doi>10.1145/325694.325729]
34
Gary Wassermann , Zhendong Su, Static detection of cross-site scripting vulnerabilities, Proceedings of the 30th international conference on Software engineering, May 10-18, 2008, Leipzig, Germany  [doi>10.1145/1368088.1368112]
35
Yichen Xie , Alex Aiken, Scalable error detection using boolean satisfiability, Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.351-363, January 12-14, 2005, Long Beach, California, USA
36
Dachuan Yu , Ajay Chander , Nayeem Islam , Igor Serikov, JavaScript instrumentation for browser security, Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, January 17-19, 2007, Nice, France
 
37
Nickolai Zeldovich , Silas Boyd-Wickizer , David Mazières, Securing distributed systems with information flow control, Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, p.293-308, April 16-18, 2008, San Francisco, California

INDEX TERMS

Primary Classification:
  D. Software
  D.2 SOFTWARE ENGINEERING
      D.2.4 Software/Program Verification
          Subjects: Validation

Additional Classification:
  F. Theory of Computation
  F.3 LOGICS AND MEANINGS OF PROGRAMS
      F.3.2 Semantics of Programming Languages
          Subjects: Program analysis


General Terms:
Languages, Reliability, Verification


Keywords:
confidentiality, flow analysis, integrity, set constraints, web applications

Collaborative Colleagues:
Ravi Chugh: colleagues
Jeffrey A. Meister: colleagues
Ranjit Jhala: colleagues
Sorin Lerner: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player