• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.5
• /
• pp.329-331
• /
• 2014

JavaScript is widely used to offer interactive web service and dynamic content. However, the number and size of JavaScript constituting the web page has been increasing steadily, and this circumstance leads to falling web performance. In this paper, we suggest a scheme for acceleration of JavaScript transmission considering software module reusability. We perform network simulation for the performance evaluation and analysis about the suggested scheme, and then confirm that the suggested scheme offers better performance in term of page loading time and the amount of traffic generated in the network than the transmission method using Gzip.

• Journal of Internet Computing and Services
• /
• v.16 no.4
• /
• pp.51-59
• /
• 2015

JavaScript is a popular technique for activating static HTML. JavaScript has drawn more attention following the introduction of HTML5 Standard. In proportion to JavaScript's growing importance, attacks (ex. DDos, Information leak using its function) become more dangerous. Since these attacks do not create a trail, whether the JavaScript code is malicious or not must be decided. The real attack action is completed while the browser runs the JavaScript code. For these reasons, there is a need for a real-time classification and determination technique for malicious JavaScript. This paper proposes the Analysis Engine for detecting malicious JavaScript by adopting the requirements above. The analysis engine performs static analysis using signature-based detection and dynamic analysis using behavior-based detection. Static analysis can detect malicious JavaScript code, whereas dynamic analysis can detect the action of the JavaScript code.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.388-391
• /
• 2014

JavaScript는 AJAX와 같은 기술을 통해 정적인 HTML에 동적인 기능을 제공하며 그 쓰임새는 HTML5 등장 이후 더욱 주목받고 있는 기술이다. 그와 비례하여 JavaScript를 이용한 공격( DoS 공격, 기밀정보 누출 등 ) 또한 큰 위험으로 다가오고 있다. 이들 공격은 실제적인 흔적을 남기지 않기 때문에 JavaScript 코드 상에서 악성 행위를 판단해야 하며, 웹브라우저가 JavaScript 코드를 실행해야 실제적인 행위가 일어나기 때문에 이를 방지하기 위해선 실시간으로 악성 스크립트를 분별하고 파악할 수 있는 분석 기술이 필요하다. 본 논문은 이런 악성 스크립트를 탐지하는 분석엔진 기술을 제안한다. 이 분석 엔진은 시그니쳐 기반 탐지 기술을 이용한 정적 분석과 행위 기반 탐지 기술을 사용하는 동적 분석으로 이루어진다. 정적 분석은 JavaScript 코드에서 악성 스크립트 코드를 탐지하고 동적 분석은 JavaScript 코드의 실제 행위를 분석하여 악성 스크립트를 판별한다.

• Journal of KIISE:Software and Applications
• /
• v.37 no.5
• /
• pp.394-402
• /
• 2010

JavaScript is one of the most popular languages to develope web sites and web applications. Since applicationss written in JavaScript are sent to clients as the original source code, they are easily exposed to plagiarists. Therefore, a method to detect plagiarized JavaScript programs is necessary. The conventional program dependency graph(PDG) based approaches are not suitable to analyze JavaScript programs because they do not reflect dynamic features of JavaScript. They also generate false positives in some cases and show inefficiency with large scale search space. We devise a JavaScript specific PDG(JS PDG) that captures dynamic features of JavaScript and propose a JavaScript plagiarism detection method for precise and fast detection. We evaluate the proposed plagiarism detection method with experiment. Our experiments show that our approach can detect false-positives generated by conventional PDG and can prune the plagiarism search space.

• Journal of Information Processing Systems
• /
• v.13 no.4
• /
• pp.731-751
• /
• 2017

The burgeoning distribution of smartphone web applications based on various mobile environments is increasingly focusing on the performance of mobile applications implemented by JavaScript and HTML5 (Hyper Text Markup Language 5). If application software has a simple functional processing structure, then the problem is benign. However, browser loads are becoming more burdensome as the amount of JavaScript processing continues to increase. Processing time and capacity of the JavaScript in current mobile browsers are limited. As a solution, the Web Worker is designed to implement multi-threading. However, it cannot guarantee the computing ability as a native application on mobile devices, and is not sufficient to improve processing speed. The method proposed in this research overcomes the limitation of resources as a mobile client and guarantees performance by native application software by providing high computing service. It shifts the JavaScript process of a mobile device on to a cloud-based computer server. A performance evaluation experiment revealed the proposed algorithm to be up to 6 times faster in computing speed compared to the existing mobile browser's JavaScript process, and 3 to 6 times faster than Web Worker. In addition, memory usage was also less than the existing technology.

• Journal of KIISE
• /
• v.43 no.1
• /
• pp.34-39
• /
• 2016

JavaScript is widely used in web pages with HTML. Many JavaScript engines adopt Just-in-time compilers to accelerate the execution of JavaScript programs. Recently, many newly introduced devices are adopting 64-bit CPUs instead of 32-bit and Just-in-time compilers for 64-bit CPU are slowly being introduced in JavaScript engines. However, there are many inefficiencies in the currently available Just-in-time compilers for 64-bit devices. Especially, the size of code is significantly increased compared to 32-bit devices, mainly due to 64-bit wide addresses in 64-bit devices. In this paper, we are going to address the inefficiencies introduced by 64-bit wide addresses and values in the Just-in-time compiler for the V8 JavaScript engine and propose more efficient ways of generating constant values and addresses to reduce the size of code. We implemented the proposed optimization in the V8 JavaScript engine and measured the size of code as well as performance improvements with Octane and SunSpider benchmarks. We observed a 3.6% performance gain and 0.7% code size reduction in Octane and a 0.32% performance gain and 2.8% code size reduction in SunSpider.

• Proceedings of the Korean Information Science Society Conference
• /
• 2006.10c
• /
• pp.458-461
• /
• 2006

웹 플렛폼이 계속해서 발전하고 기술이 고도화 됨에 따라 이를 사용하기 위한 다양한 지원 기술과 프레임워크가 제안되고 있다. 그 중 최근 가장 관심이 집중되고 있는 브라우저 기반의 웹 어플리케이션 기법이 AJAX(Asynchronous JavaScript and XML)이다. AJAX를 구현하는 데에는 JavaScript가 중요한 기술적 요소라 하겠다. 본 논문에서는 사용 규모와 기능의 확대가 예상되는 JavaScript의 시험을 위한 도구를 개념적으로 제안했다. 기존에 제안된 도구나 수동적인 시험은 HTML에 시험을 위한 JavaScript를 삽입하여 브라우저를 통한 시험이 위주였다. 브라우저를 통한 방법은 스크립트를 삽입한 후 HTML을 불러와야 한다는 번거로움이 있고 시험을 위해 삽입된 JavaScript를 제거하는 과정에서 다른 오류가 유입될 수도 있다. 또한 브라우저에서 보여주는 결과만으로는 시험의 확인이 어렵다. 이에 본 논문은 AJAX 환경에서 더욱 사용이 확대되고 있는 자바스크립트를 시험하기 위한 자동 시험 도구 시스템을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.633-636
• /
• 2017

This paper presents a cloud service called CDLint for checking and analyzing the Javascript code dynamically. The correctness of Javascript code is becoming more important since it can also run on the server side as well as the client side. There are several analysis systems for checking the bad code in JavaScript but they seem like have one or more weaknesses. CDLint is developed based on an existing work named DLint which is a powerful bad JavaScript checker. Compared with similar systems, CDLint shows the best performances with respect to the system extensibility, the freedom to use without installation, the automatic parsing of JavaScript code from website, and the environment configuration for JavaScript code checking.

• IEIE Transactions on Smart Processing and Computing
• /
• v.3 no.6
• /
• pp.393-396
• /
• 2014

Recently, the internet of things (IoT) has become increasingly attractive in many areas to realize smart worlds. JavaScript has become prevalent for IoT programming because of its familiarity with web programmers. On the other hand, JavaScript does not allow the direct control of IoT hardware due to its language limitation. This paper proposes the IoT software platform for JavaScript programming to resolve the limitation. For proof of concept, the platform based on SpiderMonkey and Raspberry Pi was implemented.

• Journal of Advanced Navigation Technology
• /
• v.15 no.4
• /
• pp.626-631
• /
• 2011

In this paper, the methods of designing and implementing user interaction using jQuery in Web Application are suggested. While computing ability of smart devices grows up, web application technology is generalized. So JavaScript is one of noticeable web application technologies, and jQuery is the most popular JavaScript framework. We described basic grammar, scalability and plug-ins of jQuery. We categorized user interactions and animations and described methods to implement it.