Standard

GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control. / Scull Pupo, Angel Luis; Nicolay, Jens; Efthymiadis, Kyriakos; Nowe, Ann; De Roover, Coen; Gonzalez Boix, Elisa.

Proceedings of the 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019). IEEE, 2019.

Research output: Chapter in Book/Report/Conference proceedingConference paperResearch

Harvard

Scull Pupo, AL, Nicolay, J, Efthymiadis, K, Nowe, A, De Roover, C & Gonzalez Boix, E 2019, GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control. in Proceedings of the 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019). IEEE, 26th IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019), Hangzhou, China, 24/02/19.

APA

Scull Pupo, A. L., Nicolay, J., Efthymiadis, K., Nowe, A., De Roover, C., & Gonzalez Boix, E. (2019). GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control. In Proceedings of the 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019) IEEE.

Vancouver

Scull Pupo AL, Nicolay J, Efthymiadis K, Nowe A, De Roover C, Gonzalez Boix E. GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control. In Proceedings of the 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019). IEEE. 2019

Author

Scull Pupo, Angel Luis ; Nicolay, Jens ; Efthymiadis, Kyriakos ; Nowe, Ann ; De Roover, Coen ; Gonzalez Boix, Elisa. / GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control. Proceedings of the 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019). IEEE, 2019.

BibTeX

@inproceedings{631a22d0d42d41eb8afbba0e59334c82,
title = "GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control",
abstract = "Developing JavaScript and web applications with confidentiality and integrity guarantees is challenging. Information flow control enables the enforcement of such guarantees. However, the integration of this technique into software tools used by developers in their workflow is missing. In this paper we present GuardiaML, a machine learning-assisted dynamic information flow control tool for JavaScript web applications. GuardiaML enables developers to detect unwanted information flow from sensitive sources to public sinks. It can handle the DOM and interaction with internal and external libraries and services. Because the specification of sources and sinks can be tedious, GuardiaML assists in this process by suggesting the tagging of sources and sinks via a machine learning component.",
keywords = "JavaScript, Security, Information Flow Control, Programming Languages, Machine Learning",
author = "{Scull Pupo}, {Angel Luis} and Jens Nicolay and Kyriakos Efthymiadis and Ann Nowe and {De Roover}, Coen and {Gonzalez Boix}, Elisa",
year = "2019",
language = "English",
isbn = "978-1-7281-0591-8",
booktitle = "Proceedings of the 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019)",
publisher = "IEEE",

}

RIS

TY - GEN

T1 - GuardiaML: Machine Learning-Assisted Dynamic Information Flow Control

AU - Scull Pupo, Angel Luis

AU - Nicolay, Jens

AU - Efthymiadis, Kyriakos

AU - Nowe, Ann

AU - De Roover, Coen

AU - Gonzalez Boix, Elisa

PY - 2019

Y1 - 2019

N2 - Developing JavaScript and web applications with confidentiality and integrity guarantees is challenging. Information flow control enables the enforcement of such guarantees. However, the integration of this technique into software tools used by developers in their workflow is missing. In this paper we present GuardiaML, a machine learning-assisted dynamic information flow control tool for JavaScript web applications. GuardiaML enables developers to detect unwanted information flow from sensitive sources to public sinks. It can handle the DOM and interaction with internal and external libraries and services. Because the specification of sources and sinks can be tedious, GuardiaML assists in this process by suggesting the tagging of sources and sinks via a machine learning component.

AB - Developing JavaScript and web applications with confidentiality and integrity guarantees is challenging. Information flow control enables the enforcement of such guarantees. However, the integration of this technique into software tools used by developers in their workflow is missing. In this paper we present GuardiaML, a machine learning-assisted dynamic information flow control tool for JavaScript web applications. GuardiaML enables developers to detect unwanted information flow from sensitive sources to public sinks. It can handle the DOM and interaction with internal and external libraries and services. Because the specification of sources and sinks can be tedious, GuardiaML assists in this process by suggesting the tagging of sources and sinks via a machine learning component.

KW - JavaScript

KW - Security

KW - Information Flow Control

KW - Programming Languages

KW - Machine Learning

M3 - Conference paper

SN - 978-1-7281-0591-8

BT - Proceedings of the 26th International Conference on Software Analysis, Evolution, and Reengineering (SANER 2019)

PB - IEEE

ER -

ID: 43882041