Dynamic Taint Analysis for JavaScript under Optimized Compilation Execution Mode
Published: 2018-10-24 10:53
[Abstract]: To improve efficiency, mainstream JavaScript execution engines have introduced an optimized compilation execution mode, which performs just-in-time optimizing compilation of frequently executed hot functions. The introduction of this mode poses new challenges for dynamic taint analysis (DTA) of JavaScript programs implemented through dynamic instrumentation. To address this problem, this paper targets HTML5 hybrid Android applications and, by modifying the V8 JavaScript engine they use, implements an instrumentation-based dynamic taint analysis method that works under the optimized compilation execution mode. The method stores taint labels using taint wrapper objects and performs instrumentation at the level of the Hydrogen intermediate code used in the optimized compilation execution mode. Experimental results show that the method tracks taint effectively under the optimized compilation execution mode, with performance overhead within an acceptable range.
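[Author affiliations]: Key Laboratory of Data Engineering and Knowledge Engineering, Ministry of Education (Renmin University of China); School of Information, Renmin University of China
[Funding]: National Natural Science Foundation of China (91418206, 61472429)
[Classification number]: TP312.2
Article ID: 2291186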
Article link: https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2291186.html