• Journal of Internet Computing and Services
• /
• v.16 no.4
• /
• pp.51-59
• /
• 2015

JavaScript is a popular technique for activating static HTML. JavaScript has drawn more attention following the introduction of HTML5 Standard. In proportion to JavaScript's growing importance, attacks (ex. DDos, Information leak using its function) become more dangerous. Since these attacks do not create a trail, whether the JavaScript code is malicious or not must be decided. The real attack action is completed while the browser runs the JavaScript code. For these reasons, there is a need for a real-time classification and determination technique for malicious JavaScript. This paper proposes the Analysis Engine for detecting malicious JavaScript by adopting the requirements above. The analysis engine performs static analysis using signature-based detection and dynamic analysis using behavior-based detection. Static analysis can detect malicious JavaScript code, whereas dynamic analysis can detect the action of the JavaScript code.

• Proceedings of the KIEE Conference
• /
• 1999.07g
• /
• pp.2965-2967
• /
• 1999

본 논문에서는 Web Lecture script를 정의하고 이를 효과적으로 운영하기 위한 Java Web Server를 설계 구현하였다. Web Lecture Script란 강의록, 문제출제, 문제 평가, 숙제 제출, 자료실, 토론방 등의 가상 대학 환경을 편리하게 구축하기 위해서 데이터베이스 및 파일의 접근을 Web 환경의 script막을 사통하여 구현할 수 있도록 정의한 것이다. Lecture시스템은 사용자에게 정형화된 포맷이 많이 쓰이기 때문에 script로 정형화된 형태의 인터페이스가 적합하며, 실제적인 구현이 Jaya로 이루어지기 때문에 확장의 범위가 크다. Web Server는 이러한 Lecture Script를 사용자에게 제공하기 위한 Script Engine을 포함하고 있어야 하는데, 이러한 Script Engine이 Web Server라 어떻게 상호작용 하는가에 따라 성능이 좌우된다. 상호 작용하는 방법에는 Script Engine이 Web Server 자체에 포함될 경우, 독립적인 프로세서를 띄워서 처리하는 방법 스크립트만을 처리하는 별도의 서버를 두어 처리를 전환하는 방법이 있다. 따라서 Lecture Script 처리 Engine은 여러 방법으로 구현하고 성능을 비교하여 보다 효과적인 서버를 제안하고자 한다.

• Journal of KIISE
• /
• v.43 no.1
• /
• pp.34-39
• /
• 2016

JavaScript is widely used in web pages with HTML. Many JavaScript engines adopt Just-in-time compilers to accelerate the execution of JavaScript programs. Recently, many newly introduced devices are adopting 64-bit CPUs instead of 32-bit and Just-in-time compilers for 64-bit CPU are slowly being introduced in JavaScript engines. However, there are many inefficiencies in the currently available Just-in-time compilers for 64-bit devices. Especially, the size of code is significantly increased compared to 32-bit devices, mainly due to 64-bit wide addresses in 64-bit devices. In this paper, we are going to address the inefficiencies introduced by 64-bit wide addresses and values in the Just-in-time compiler for the V8 JavaScript engine and propose more efficient ways of generating constant values and addresses to reduce the size of code. We implemented the proposed optimization in the V8 JavaScript engine and measured the size of code as well as performance improvements with Octane and SunSpider benchmarks. We observed a 3.6% performance gain and 0.7% code size reduction in Octane and a 0.32% performance gain and 2.8% code size reduction in SunSpider.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.388-391
• /
• 2014

JavaScript는 AJAX와 같은 기술을 통해 정적인 HTML에 동적인 기능을 제공하며 그 쓰임새는 HTML5 등장 이후 더욱 주목받고 있는 기술이다. 그와 비례하여 JavaScript를 이용한 공격( DoS 공격, 기밀정보 누출 등 ) 또한 큰 위험으로 다가오고 있다. 이들 공격은 실제적인 흔적을 남기지 않기 때문에 JavaScript 코드 상에서 악성 행위를 판단해야 하며, 웹브라우저가 JavaScript 코드를 실행해야 실제적인 행위가 일어나기 때문에 이를 방지하기 위해선 실시간으로 악성 스크립트를 분별하고 파악할 수 있는 분석 기술이 필요하다. 본 논문은 이런 악성 스크립트를 탐지하는 분석엔진 기술을 제안한다. 이 분석 엔진은 시그니쳐 기반 탐지 기술을 이용한 정적 분석과 행위 기반 탐지 기술을 사용하는 동적 분석으로 이루어진다. 정적 분석은 JavaScript 코드에서 악성 스크립트 코드를 탐지하고 동적 분석은 JavaScript 코드의 실제 행위를 분석하여 악성 스크립트를 판별한다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.16 no.6
• /
• pp.722-726
• /
• 2010

The recent deployment of RIA (Rich Internet Application) is often involved with the complex JavaScript code, which leads to the announcement of high performance JavaScript engines for its efficient execution. And the Sunspider benchmark is being widely used for the performance evaluation of these JavaScript engines. In this paper, we compare the execution methods of three high-performance JavaScript engines, Mozilla TraceMonkey, Google V8, and Apple SquirrelFish Extreme, and measure their performances using the SunSpider benchmark. We also evaluate the pros and cons of each engine, based on its execution method and the code characteristics of the SunSpider benchmarks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.3
• /
• pp.443-454
• /
• 2020

The JavaScript engine is a module that receives JavaScript code as input and processes it, among many functions that are loaded into web browsers and display web pages. Many fuzzing test studies have been conducted as vulnerabilities in JavaScript engines could threaten the system security of end-users running JavaScript through browsers. Some of them have increased fuzzing efficiency by guiding test coverage in JavaScript engines, but no coverage guided fuzzing of optimized, dynamically generated machine code was attempted. Optimized JavaScript codes are difficult to perform sufficient iterative testing through fuzzing due to the function of runtime guards to free the code in the event of exceptional control flow. To solve these problems, this paper proposes a method of performing fuzzing tests on optimized machine code by avoiding deoptimization. In addition, we propose a method to measure the coverage of runtime-guards by the dynamic binary instrumentation and to guide increment of runtime-guard coverage. In our experiment, our method has outperformed the existing method at two measures: runtime coverage and iteration by time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.766-783
• /
• 2012

Recently, many malicious users have attacked web browsers using JavaScript code that can execute dynamic actions within the browsers. By forcing the browser to execute malicious JavaScript code, the attackers can steal personal information stored in the system, allow malware program downloads in the client's system, and so on. In order to reduce damage, malicious web pages must be located prior to general users accessing the infected pages. In this paper, a novel framework (JsSandbox) that can monitor and analyze the behavior of malicious JavaScript code using internal function hooking (IFH) is proposed. IFH is defined as the hooking of all functions in the modules using the debug information and extracting the parameter values. The use of IFH enables the monitoring of functions that API hooking cannot. JsSandbox was implemented based on a debugger engine, and some features were applied to detect and analyze malicious JavaScript code: detection of obfuscation, deobfuscation of the obfuscated string, detection of URLs related to redirection, and detection of exploit codes. Then, the proposed framework was analyzed for specific features, and the results demonstrate that JsSandbox can be applied to the analysis of the behavior of malicious web pages.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.1
• /
• pp.26-33
• /
• 2018

A web application running on the Internet is causing many difficulties for a program developer, and it requires to process multiple sessions at the same time due to the occurrence of excessive traffic. Web applications should be able to process concurrent requests efficiently and in real time. Node.js is a single-threaded server-side JavaScript environment implemented in C and C ++ as one of the latest frameworks to implement event models across the entire stack. Nodes implement JavaScript quickly and robust to achieve the best performance using a JavaScript V8 engine developed by Google. In this paper, it will be explained the operation principle of Node.js, which is a lightweight real-time web server that can be implemented in JavaScript for real-time responsive web applications. In addition, this application was practically implemented through automatic alignment system for group scheduling to demonstrate event-based real-time response web processing.

• Journal of KIISE:Computing Practices and Letters
• /
• v.12 no.6
• /
• pp.379-385
• /
• 2006

To improve reusability and adaptation of variable components, rule-based component development has been used. Rule engines usually need additional script languages for rule expression and have difficulty in expressing complex business rules. In this paper, we propose a compiler-based rule engine for rich rule expression and improving performance. This rule engine uses Java programming language to express conditions and action parts of rules and that it can easily express complex business rules. It creates and executes condition and action objects at run time. In view of Performance, the rule engine is better than a script based rule engine. According to our experiments, our compiler-based nile engine shows 2.5 times better performance that script-based JSR 94 rule engine.

• Journal of the Semiconductor & Display Technology
• /
• v.15 no.3
• /
• pp.40-45
• /
• 2016

In this paper, the fire engine pump is controlled and monitored by the AJAX (Asynchronous Javascript and Xml) in the web server. The embedded system with built-in system having a processor and a memory of high performance occurs many problems in transmitting the large amount of data in real time through the web server. The AJAX is different from HTML (Hyper Text Makeup Language) with java script technology and can make RIA (Rich Internet Application). It process the necessary data by using asynchronous and it take advantage of usefulness, accessibility, a fast response time. Using AJAX can build up web server with real time and monitoring that fire engine pump status, check processing pump memory in the event of fire, also remotely monitors can do. The web server system can control the fire engine pump as like the black box. The experimental results show the effectiveness and commercialize possibility.