Institute of Computer Languages
Compilers and Languages Group

Talks 2017 - Dr. Alexander Jordan

Der Arbeitsbereich für Programmiersprachen und Übersetzer am Institut für Computersprachen lädt zu folgendem Vortrag ein:

Dr. Alexander Jordan

Oracle Labs, Brisbane, Australia
Datum: Mittwoch, den 12. Juli 2017
Zeit: 11:00 Uhr c.t. *)
Ort: TU Wien, Bibliothek E185.1, Argentinierstr. 8, 4. Stock (Mitte).
*) Tee: 10:30 Uhr in der Bibliothek E185.1, Argentinierstr. 8, 4. Stock (Mitte).


Real-world Challenges in JavaScript Analysis


While JavaScript has become the most popular programming language today, tools that can automatically alert developers to unwanted behavior or security vulnerabilities are still lacking. Such tools are either drastically limited (e.g., linter and checker tools) or fail to scale to real-world applications. This can in part be explained by the language they target. JavaScript is dynamically typed, has higher-order functions and supports reflective (string-based) access to the properties of objects. Even more difficult for static analysis is the excessive use of third-party libraries, meta-programming techniques (e.g., dynamic code generation), and event-driven frameworks. The talk starts with a brief overview of the challenges we face when applying static analysis techniques to current systems built on JavaScript, especially modern web applications. We continue by reporting on our work extending SAFE, an abstract interpretation framework for JavaScript, with (1) a light-weight taint analysis and (2) improved string abstract domains. Finally, we introduce a new domain-specific application of JavaScript static analysis that has shown to be effective: the detection of JavaScript-based malware embedded in PDF documents.


Alexander Jordan is a senior researcher at Oracle Labs Australia, where he has been working on program analysis techniques for Java- and JavaScript-based web applications. Before joining Oracle Labs in 2015, Alexander obtained his MSc and PhD degrees from TU Wien and has worked as a research assistant, with a focus on WCET analysis, at DTU (Denmark) and ENSTA ParisTech (France). His interests include program analysis, compilers and computer security. (

Sie möchten auf diesen Vortrag durch Aushang hinweisen? Eine druckfertige Einladung im pdf-Format dafür finden Sie hier.

   About Us
      Talks 2017
      Talks 2016
      Talks 2015
      Talks 2014
      Talks 2013
      Talks 2012
      Talks 2011
      Talks 2010
      Talks 2009
      Talks 2008
      Talks 2007
      Talks 2006
      Talks 2005
      Talks 2004
Fast Access:
Previous Talk
Next Talk
Faculty of Informatics
Vienna University of Technology
top | HTML 4.01 | Datenschutzerklärung | last update: 2018-05-25 (Webmaster)