NodeMedic: End-to-end analysis of Node.js vulnerabilities with provenance graphs

NodeMedic: End-to-end analysis of Node.js vulnerabilities with provenance graphs

Packages in the Node.js ecosystem often suffer from serious vulnerabilities such as arbitrary command injection and code execution. Existing taint analysis tools fall short in providing an end-to-end infrastructure for automatically detecting and triaging these vulnerabilities.We develop NodeMedic,...

Full description

Saved in:
Bibliographic Details
Main Authors: CASSEL, Darion, WONG, Wai Tuck, JIA, Limin
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2023
Subjects:
Analysis tools
Code execution
Command injections
Constraint-based
Tree-based
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/8094
https://ink.library.smu.edu.sg/context/sis_research/article/9097/viewcontent/nodemedic_eurosp23_av.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English

Internet

https://ink.library.smu.edu.sg/sis_research/8094
https://ink.library.smu.edu.sg/context/sis_research/article/9097/viewcontent/nodemedic_eurosp23_av.pdf

Similar Items