Feedback-driven and Guided Security Analysis of Client-side Web Applications

Behnaz Hassanshahi, Hyunjun Lee, Padmanabhan Krishnan

22 August 2021

Modern web applications are getting more sophisticated by using frameworks that make development easy, but pose challenges for security analysis tools. New analysis techniques are needed to handle such frameworks, which are growing in number and popularity. In this paper, we describe FGSC, which addresses the most crucial challenges for a security-aware client-side analysis of highly dynamic web applications. In particular, we use a feedback-driven and state-aware crawler that is able to analyze complex framework-based applications automatically, and is guided to maximize coverage of security-sensitive parts of the program. Moreover, we propose a new lightweight client-side taint analysis that outperforms the state-of-the-art tools, requires no modification to browsers, and reports non-trivial taint flows on modern JavaScript applications. Our experiments on a variety of applications demonstrate that FGSC achieves significantly better coverage and reports vulnerabilities with higher accuracy than existing tools.


Venue: ESEC/FSE 2021 https://2021.esec-fse.org/