论文信息 - Security Verification of the Programs in webOS app Store

Security Verification of the Programs in webOS app Store

The article discusses the approach to application security analysis in the mobile store developed for LG Electronics webOS. There are investigated the features of static security analysis applied to the program written using Ja- vaScript. We propose the description of the model intended to the malicious software identification as a pattern recognition system. This model specifies the various methods of software static security analysis.

[1] Salvatore Guarnieri. GULFSTREAM: Staged Static Analysis for Streaming JavaScript Applications , 2010, WebApps.

[2] Benjamin Livshits,et al. GATEKEEPER: Mostly Static Enforcement of Security and Reliability Policies for JavaScript Code , 2009, USENIX Security Symposium.

[3] Benjamin Livshits,et al. ZOZZLE: Fast and Precise In-Browser JavaScript Malware Detection , 2011, USENIX Security Symposium.

[4] Marco Pistoia,et al. Saving the world wide web from vulnerable JavaScript , 2011, ISSTA '11.

[5] Michal Zalewski. The Tangled Web: A Guide to Securing Modern Web Applications , 2011 .

[6] Giovanni Vigna,et al. Prophiler: a fast filter for the large-scale detection of malicious web pages , 2011, WWW.