Pointer Analysis Based Vulnerability Detection for Browser Extension

As security issue caused by browser extensions is getting serious increasingly, this paper proposes a pointer analysis based approach to detect vulnerabilities from browser extensions. The authors convert extensions' source code into facts in Datalog, and define several rules to describe vulnerabilities' characteristic. By querying on the facts using these rules, a report will be produced to demonstrate the exploitable points in the extension. They give a proof-of-concept implementation of this approach, and finally prove its efficiency and soundness by experiment.

Provided by: Tianjin University of Technology Topic: Security Date Added: Jan 2012 Format: PDF

Find By Topic