Write a Blog >>
ASE 2020
Mon 21 - Fri 25 September 2020 Melbourne, Australia
Thu 24 Sep 2020 09:30 - 09:50 at Kangaroo - Software Security and Trust (2) Chair(s): Raula Gaikovina Kula

With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming applications. With recent work showing evidence that known vulnerabilities being prevalent in both an Open Source and industry, we propose and implement a viable code-based vulnerability detection tool in Node.js applications. Our case study lists the challenges when implementing this Node.js vulnerable code detector.

Thu 24 Sep

Displayed time zone: (UTC) Coordinated Universal Time change

09:10 - 10:10
Software Security and Trust (2)Tool Demonstrations / Research Papers / Industry Showcase at Kangaroo
Chair(s): Raula Gaikovina Kula NAIST
Cross-Contract Static Analysis for Detecting Practical Reentrancy Vulnerabilities in Smart Contracts
Research Papers
Yinxing Xue , Mingliang Ma University of Science and Technology of China, Yun Lin National University of Singapore, Yulei Sui University of Technology Sydney, Australia, Jiaming Ye University of Science and Technology of China, Tianyong Peng University of Science and Technology of China
Code-based Vulnerability Detection in Node.js Applications: How far are we?
Industry Showcase
Bodin Chinthanet Nara Institute of Science and Technology, Serena Elisa Ponta SAP Security Research, Henrik Plate SAP Security Research, Antonino Sabetta SAP Security Research, Raula Gaikovina Kula NAIST, Takashi Ishio Nara Institute of Science and Technology, Kenichi Matsumoto Nara Institute of Science and Technology
SmartBugs: A Framework to Analyze Solidity Smart Contracts
Tool Demonstrations
João F. Ferreira INESC-ID and IST, University of Lisbon, Pedro Cruz IST, University of Lisbon, Portugal, Thomas Durieux KTH Royal Institute of Technology, Sweden, Rui Abreu Faculty of Engineering, University of Porto, Portugal