Acknowledgement
Supported by : 한국연구재단
References
- European Association for Standardizing Information and Communication Systems(ECMA). ECMA-262: ECMAScript Language Specification. Fifth edition, 2009.
- Tizen: An open source, standards-based software platform for multiple device categories. http://www.tizen.org
- Smart TV. http://developer.samsung.com/smarttv
- Caja. http://code.google.com/p/google-caja
- FBJS. http://developers.facebook.com/docs/fbjs
- Douglas Crockford. ADsafe: Making JavaScript safe for advertising. http://www.adsafe.org
- Joe Gibbs Politz, Spiridon Aristides Eliopoulos, Arjun Guha, and Shriram Krishnamurthi. ADsafety: Type-based verification of JavaScript sandboxing. In Proceedings of the 20th USENIX Security Symposium, 2011.
- Sergio Maffeis and Ankur Taly. Language-based isolation of untrusted JavaScript. In Proceedings of the 2009 IEEE Computer Security Foundations Symposium.
- Matthew Finifter, Joel Weinberger, and Adam Barth. Preventing capability leaks in secure JavaScript subsets. In Proceedings of the 2010 Network and Distributed System Security Symposium.
- Sergio Maffeis, John C. Mitchell, and Ankur Taly. An operational semantics for JavaScript. In Proceedings of the 6th Asian Symposium on Programming Languages and Systems, 2008.
- Arjun Guha, Claudiu Saftoiu, and Shriram Krishnamurthi. The essence of JavaScript. In Proceedings of the 24th European Conference on Object-Oriented Programming, 2010.
- The Coq development team. The Coq proof assistant.http://coq.inria.fr
- Martin Bodin, Arthur Chargueraud, Daniele Filaretti, Philippa Gardner, Sergio Maffeis, Daiva Naudziuniene, Alan Schmitt, and Gareth Smith. JSCert: Certified Java-Script. http://jscert.org
- Hakjoo Oh, Kihong Heo, Wonchan Lee, and Kwangkeun Yi. Design and implementation of sparse global analyses for C-like languages. In Proceedings of the 33rd ACM Conference on Programming Language Design and Implementation, 2012.
- Christopher Anderson, Paola Giannini, and Sophia Drossopoulou. Towards type inference for JavaScript. In Proceedings of the 19th European Conference on Object- Oriented Programming, 2005.
- Peter Thiemann. Towards a type system for analyzing JavaScript programs. In Proceedings of the 14th European Symposium on Programming, 2005.
- Simon Holm Jensen, Anders M0ller, and Peter Thiemann. Type analysis for JavaScript. In Proceedings of the 2009 Static Analysis Symposium.
- Simon Holm Jensen, Anders M0ller, and Peter Thiemann. Interprocedural analysis with lazy propagation. In Proceedings of the 2010 Static Analysis Symposium.
- TAJS: Type Analyzer for JavaScript. http://www.brics.dk/TAJS
- Dachuan Yu, Ajay Chander, Nayeem Islam, and Igor Serikov. JavaScript instrumentation for browser security. In Proceedings of the ACM Symposium on Principles of Programming Languages, 2007.
- Adam Barth, Joel Weinberger, and Dawn Song. Crossorigin JavaScript capability leaks: Detection, exploitation, and defense. In Proceedings of the 18th USENIX Security Symposium, 2009.
- Salvatore Guarnieri and Benjamin Livshits. GateKeeper: Mostly static enforcement of security and reliability policies for JavaScript code. In Proceedings of the 18th USENIX Security Symposium, 2009.
- Ravi Chugh, Jeffrey A. Meister Ranjit, and Jhala Sorin Lerner. Staged information flow for JavaScript. In Proceedings of the 30th ACM Conference on Programming Language Design and Implementation, 2009.
- Gary Wassermann, Dachuan Yu, Ajay Chander, Dinakar Dhurjati, Hiroshi Inamura, Zhendong Su. Dynamic test input generation for web applications. In Proceedings of the ACM International Symposium on Software Testing and Analysis, 2008.
- Shay Artzi, Julian Dolby, Simon Holm Jensen, Anders Møller, and Frank Tip. A framework for automated testing of JavaScript web applications. In Proceedings of the 33rd International Conference on Software Engineering, 2011.
- Hongki Lee, Sooncheol Won, Joonho Jin, Junhee Cho, and Sukyoung Ryu. SAFE: Formal specification and implementation of a Scalable Analysis Framework for ECMAScript. In 2012 International Workshop on Foundations of Object-Oriented Languages(FOOL'12), 2012.
- KAIST PLRG. SAFE: Scalable Analysis Framework for ECMAScript. http://plrg.kkaist.ac.kr/research/safe
- Rats!. http://cs.nyu.edu/rgrimm/xtc/rats-intro.html
- ASTGen. http://astgen.sourceforge.net
- Seonghoon Kang and Sukyoung Ryu. Formal specification of a JavaScript module system. In Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications, 2012.
- Scala. http://www.scala-lang.org
- Web IDL. http://www.w3.org/TR/WebIDL/