Detecting Runtime Anomalies in AJAX Applications through Trace Analysis

Abstract

AJAX applications are prone to security vulnerabilities due to the ease of inadvertently entrusting the client with security-critical logic. We characterize exploits of such vulnerabilities as violations of a protocol implicitly defined in the client-side code, and we introduce a method to detect and prevent these protocol violations in middleware, without having to modify the original application. We accomplish this by instrumenting the client code to send fragments of execution traces to the server, allowing the server to efficiently prove that the incoming message complies with the protocol. By combining replay execution and constraint solving, our method exploits the componentized structure of applications to minimize the server computing power and network bandwidth required to monitor them. A prototype running on the Google Web Toolkit platform demonstrates our method.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 10, 2011
Accession Number
ADA560010

Entities

People

  • James Purtilo
  • Jeff Stuckman

Organizations

  • University of Maryland

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Application Software
  • Computer Programs
  • Computers
  • Debugging
  • Information Operations
  • Javascript Programming Language
  • Models
  • Prototypes
  • Robotics
  • Security
  • United States
  • Universities
  • User Interface
  • Verification
  • Vulnerability
  • Web Applications
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity.
  • Database Systems and Applications