GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control
Autor: | Elisa Gonzalez Boix, Coen De Roover, Ann Nowé, Jens Nicolay, Kyriakos Efthymiadis, Angel Luis Scull Pupo |
---|---|
Přispěvatelé: | Shihab, Emad, Lo, David, Wang, Xinyu, Informatics and Applied Informatics, Software Languages Lab, Faculty of Sciences and Bioengineering Sciences, Artificial Intelligence, Electronics and Informatics, Computational Modelling |
Jazyk: | angličtina |
Rok vydání: | 2019 |
Předmět: |
Process (engineering)
Computer science business.industry Information Flow Control JavaScript Machine learning computer.software_genre JavaScript Security artificial intelligence Computer Science Applications Support vector machine Machine Learning Workflow Software Computational Theory and Mathematics Component (UML) programming languages Web application Information flow (information theory) Artificial intelligence business computer computer.programming_language |
Zdroj: | SANER |
Popis: | Developing JavaScript and web applications with confidentiality and integrity guarantees is challenging. Information flow control enables the enforcement of such guarantees. However, the integration of this technique into software tools used by developers in their workflow is missing. In this paper we present GUARDIAML, a machine learning-assisted dynamic information flow control tool for JavaScript web applications. GUARDIAML enables developers to detect unwanted information flow from sensitive sources to public sinks. It can handle the DOM and interaction with internal and external libraries and services. Because the specification of sources and sinks can be tedious, GUARDIAML assists in this process by suggesting the tagging of sources and sinks via a machine learning component. |
Databáze: | OpenAIRE |
Externí odkaz: |