Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Softw 2021
DOI: 10.1145/3468264.3468556
|View full text |Cite
|
Sign up to set email alerts
|

Accelerating JavaScript static analysis via dynamic shortcuts

Abstract: JavaScript has become one of the most widely used programming languages for web development, server-side programming, and even micro-controllers for IoT. However, its extremely functional and dynamic features degrade the performance and precision of static analysis. Moreover, the variety of built-in functions and host environments requires excessive manual modeling of their behaviors. To alleviate these problems, researchers have proposed various ways to leverage dynamic analysis during JavaScript static analy… Show more

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1

Citation Types

0
1
0

Year Published

2022
2022
2024
2024

Publication Types

Select...
4
2

Relationship

0
6

Authors

Journals

citations
Cited by 11 publications
(2 citation statements)
references
References 36 publications
0
1
0
Order By: Relevance
“…Stein et al [85] presented a conventional non-relational static dataflow analysis with a value refinement mechanism to increase precision on demand at critical locations. Park et al [86] proposed dynamic shortcuts to switch between abstract and concrete execution during JavaScript static analysis in a sound way. By employing more efficient static and dynamic analysis, we can generate more fine-grained system call whitelist for the Node.js applications.…”
Section: Related Workmentioning
confidence: 99%
“…Stein et al [85] presented a conventional non-relational static dataflow analysis with a value refinement mechanism to increase precision on demand at critical locations. Park et al [86] proposed dynamic shortcuts to switch between abstract and concrete execution during JavaScript static analysis in a sound way. By employing more efficient static and dynamic analysis, we can generate more fine-grained system call whitelist for the Node.js applications.…”
Section: Related Workmentioning
confidence: 99%
“…Balzarotti et al [54] present SANER, a tool for sanitizing web applications that also combines static and dynamic analysis. Park et al [176] describe an approach which uses dynamic analysis as a shortcut to speed up static analysis of JavaScript. Toman and Grossman [212] combine concrete and abstract interpretation to analyze programs that make extensive use of third party libraries and otherwise inaccessible code.…”
Section: Combining Static and Dynamic Analysismentioning
confidence: 99%