Write a Blog >>
ASE 2020
Mon 21 - Fri 25 September 2020 Melbourne, Australia
Thu 24 Sep 2020 09:30 - 09:50 at Kangaroo - Software Security and Trust (2) Chair(s): Raula Gaikovina Kula

With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming applications. With recent work showing evidence that known vulnerabilities being prevalent in both an Open Source and industry, we propose and implement a viable code-based vulnerability detection tool in Node.js applications. Our case study lists the challenges when implementing this Node.js vulnerable code detector.

Thu 24 Sep
Times are displayed in time zone: (UTC) Coordinated Universal Time

09:10 - 10:10: Software Security and Trust (2)Research Papers / Tool Demonstrations / Industry Showcase at Kangaroo
Chair(s): Raula Gaikovina KulaNAIST
09:10 - 09:30
Cross-Contract Static Analysis for Detecting Practical Reentrancy Vulnerabilities in Smart Contracts
Research Papers
Yinxing Xue, Mingliang MaUniversity of Science and Technology of China, Yun LinNational University of Singapore, Yulei SuiUniversity of Technology Sydney, Australia, Jiaming YeUniversity of Science and Technology of China, Tianyong PengUniversity of Science and Technology of China
09:30 - 09:50
Code-based Vulnerability Detection in Node.js Applications: How far are we?
Industry Showcase
Bodin ChinthanetNara Institute of Science and Technology, Serena Elisa PontaSAP Security Research, Henrik PlateSAP Security Research, Antonino SabettaSAP Security Research, Raula Gaikovina KulaNAIST, Takashi IshioNara Institute of Science and Technology, Kenichi MatsumotoNara Institute of Science and Technology
09:50 - 10:00
SmartBugs: A Framework to Analyze Solidity Smart Contracts
Tool Demonstrations
João F. FerreiraINESC-ID and IST, University of Lisbon, Pedro CruzIST, University of Lisbon, Portugal, Thomas DurieuxKTH Royal Institute of Technology, Sweden, Rui AbreuFaculty of Engineering, University of Porto, Portugal