Abstract
Web-browser security with emphasis on JavaScript security, is one of the important problems of the modern world. The potency of information flow control (IFC) in the context of JavaScript is quite appealing. In this paper, we adopt an earlier technique, Address Split Design (ASD), proposed by Deepak et al. [12]. We propose an alternate data-structure to the dictionaries used in ASD to keep track of secret variables. We also propose a novel approach to help track and learn from information flows. This learnt data can subsequently be used to create a more adaptive and effective IFC model. As the information about a function augments, potential leaks are also thwarted. Using such an approach, we show that more rigid security guarantees can be achieved eventually with increase in learnt data.
Cite
CITATION STYLE
Subramanian, D., Hiet, G., & Bidan, C. (2017). A self-correcting information flow control model for the web-browser. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10128 LNCS, pp. 285–301). Springer Verlag. https://doi.org/10.1007/978-3-319-51966-1_19
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
