{"id":"https://openalex.org/W3090362160","doi":"https://doi.org/10.1145/3377811.3380390","title":"Extracting taint specifications for JavaScript libraries","display_name":"Extracting taint specifications for JavaScript libraries","publication_year":2020,"publication_date":"2020-06-27","ids":{"openalex":"https://openalex.org/W3090362160","doi":"https://doi.org/10.1145/3377811.3380390","mag":"3090362160"},"language":"en","primary_location":{"id":"doi:10.1145/3377811.3380390","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3377811.3380390","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://pure.au.dk/ws/files/207540644/Extracting_taint_specifications_for_JavaScript_libraries.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068174067","display_name":"Cristian-Alexandru Staicu","orcid":"https://orcid.org/0000-0002-6542-2226"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technical University of Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Cristian-Alexandru Staicu","raw_affiliation_strings":["TU Darmstadt"],"affiliations":[{"raw_affiliation_string":"TU Darmstadt","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005402399","display_name":"Martin Toldam Torp","orcid":null},"institutions":[{"id":"https://openalex.org/I204337017","display_name":"Aarhus University","ror":"https://ror.org/01aj84f44","country_code":"DK","type":"education","lineage":["https://openalex.org/I204337017"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Martin Toldam Torp","raw_affiliation_strings":["Aarhus University"],"affiliations":[{"raw_affiliation_string":"Aarhus University","institution_ids":["https://openalex.org/I204337017"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108554298","display_name":"Max Sch\u00e4fer","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Max Sch\u00e4fer","raw_affiliation_strings":["GitHub"],"affiliations":[{"raw_affiliation_string":"GitHub","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103189175","display_name":"Anders M\u00f8ller","orcid":"https://orcid.org/0000-0003-1333-2314"},"institutions":[{"id":"https://openalex.org/I204337017","display_name":"Aarhus University","ror":"https://ror.org/01aj84f44","country_code":"DK","type":"education","lineage":["https://openalex.org/I204337017"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Anders M\u00f8ller","raw_affiliation_strings":["Aarhus University"],"affiliations":[{"raw_affiliation_string":"Aarhus University","institution_ids":["https://openalex.org/I204337017"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5013438083","display_name":"Michael Pradel","orcid":"https://orcid.org/0000-0003-1623-498X"},"institutions":[{"id":"https://openalex.org/I100066346","display_name":"University of Stuttgart","ror":"https://ror.org/04vnq7t77","country_code":"DE","type":"education","lineage":["https://openalex.org/I100066346"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Michael Pradel","raw_affiliation_strings":["University of Stuttgart"],"affiliations":[{"raw_affiliation_string":"University of Stuttgart","institution_ids":["https://openalex.org/I100066346"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5068174067"],"corresponding_institution_ids":["https://openalex.org/I31512782"],"apc_list":null,"apc_paid":null,"fwci":3.8095,"has_fulltext":true,"cited_by_count":34,"citation_normalized_percentile":{"value":0.94340116,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"198","last_page":"209"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7757123708724976},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.7259477376937866},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.49448251724243164},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.45689013600349426},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.443684458732605},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4047868251800537},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.11582550406455994}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7757123708724976},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.7259477376937866},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.49448251724243164},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.45689013600349426},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.443684458732605},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4047868251800537},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.11582550406455994}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3377811.3380390","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3377811.3380390","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.atira.dk:publications/17b8e541-8070-468b-a586-19725fb6aa81","is_oa":true,"landing_page_url":"https://pure.au.dk/portal/en/publications/17b8e541-8070-468b-a586-19725fb6aa81","pdf_url":"https://pure.au.dk/ws/files/207540644/Extracting_taint_specifications_for_JavaScript_libraries.pdf","source":null,"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Staicu, C A, Torp, M T, Schafer, M, M\u00f8ller, A & Pradel, M 2020, Extracting Taint Specifications for JavaScript Libraries. in ICSE '20: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering., 3380390, Association for Computing Machinery, New York, Proceedings - International Conference on Software Engineering, pp. 198-209, 42nd ACM/IEEE International Conference on Software Engineering, ICSE 2020, Virtual, Online, Korea, Republic of, 27/06/2020. https://doi.org/10.1145/3377811.3380390","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"pmh:oai:pure.atira.dk:publications/17b8e541-8070-468b-a586-19725fb6aa81","is_oa":true,"landing_page_url":"https://pure.au.dk/portal/en/publications/17b8e541-8070-468b-a586-19725fb6aa81","pdf_url":"https://pure.au.dk/ws/files/207540644/Extracting_taint_specifications_for_JavaScript_libraries.pdf","source":null,"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Staicu, C A, Torp, M T, Schafer, M, M\u00f8ller, A & Pradel, M 2020, Extracting Taint Specifications for JavaScript Libraries. in ICSE '20: Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering., 3380390, Association for Computing Machinery, New York, Proceedings - International Conference on Software Engineering, pp. 198-209, 42nd ACM/IEEE International Conference on Software Engineering, ICSE 2020, Virtual, Online, Korea, Republic of, 27/06/2020. https://doi.org/10.1145/3377811.3380390","raw_type":"info:eu-repo/semantics/publishedVersion"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7099999785423279}],"awards":[{"id":"https://openalex.org/G2220875397","display_name":null,"funder_award_id":"ConcSys","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G4956763309","display_name":null,"funder_award_id":"CRISP","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"},{"id":"https://openalex.org/G5990912325","display_name":"Learning to Find Software Bugs","funder_award_id":"851895","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G6743243744","display_name":null,"funder_award_id":"unknown","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G8102985520","display_name":"Automated Program Analysis for Advanced Web Applications","funder_award_id":"647544","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8318064016","display_name":null,"funder_award_id":"Horizon","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"},{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3090362160.pdf","grobid_xml":"https://content.openalex.org/works/W3090362160.grobid-xml"},"referenced_works_count":49,"referenced_works":["https://openalex.org/W202191487","https://openalex.org/W798485908","https://openalex.org/W1969808647","https://openalex.org/W1969883639","https://openalex.org/W1991074244","https://openalex.org/W1999579337","https://openalex.org/W2023753091","https://openalex.org/W2036639103","https://openalex.org/W2038461625","https://openalex.org/W2039173453","https://openalex.org/W2040518484","https://openalex.org/W2078197322","https://openalex.org/W2089745089","https://openalex.org/W2102970979","https://openalex.org/W2114221821","https://openalex.org/W2125357166","https://openalex.org/W2128985333","https://openalex.org/W2139672701","https://openalex.org/W2142194171","https://openalex.org/W2146717998","https://openalex.org/W2155735696","https://openalex.org/W2157514610","https://openalex.org/W2166743230","https://openalex.org/W2377819450","https://openalex.org/W2514578992","https://openalex.org/W2591793539","https://openalex.org/W2602111867","https://openalex.org/W2614073125","https://openalex.org/W2654868256","https://openalex.org/W2758513221","https://openalex.org/W2767301967","https://openalex.org/W2788565238","https://openalex.org/W2792952820","https://openalex.org/W2806253293","https://openalex.org/W2886465534","https://openalex.org/W2889480272","https://openalex.org/W2898182742","https://openalex.org/W2898614297","https://openalex.org/W2899462170","https://openalex.org/W2931028669","https://openalex.org/W2953940813","https://openalex.org/W2955314900","https://openalex.org/W2965940576","https://openalex.org/W2966422137","https://openalex.org/W2967160941","https://openalex.org/W2967904600","https://openalex.org/W2987470874","https://openalex.org/W4240995061","https://openalex.org/W4247387602"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2060629665","https://openalex.org/W2029684113","https://openalex.org/W2461078469","https://openalex.org/W123790205","https://openalex.org/W3154138117","https://openalex.org/W2208447305","https://openalex.org/W2337406499","https://openalex.org/W2061640969","https://openalex.org/W4313563662"],"abstract_inverted_index":{"Modern":[0],"JavaScript":[1],"applications":[2],"extensively":[3],"depend":[4],"on":[5,60],"third-party":[6],"libraries.":[7],"Especially":[8],"for":[9,65],"the":[10,19,66],"Node.js":[11],"platform,":[12],"vulnerabilities":[13],"can":[14],"have":[15,37],"severe":[16],"consequences":[17],"to":[18,40,70],"security":[20],"of":[21],"applications,":[22],"resulting":[23],"in,":[24],"e.g.,":[25],"cross-site":[26],"scripting":[27],"and":[28],"command":[29],"injection":[30],"attacks.":[31],"Existing":[32],"static":[33],"analysis":[34,72],"tools":[35],"that":[36],"been":[38],"developed":[39],"automatically":[41],"detect":[42],"such":[43],"issues":[44],"are":[45],"either":[46],"too":[47],"coarse-grained,":[48],"looking":[49],"only":[50],"at":[51],"package":[52],"dependency":[53],"structure":[54],"while":[55],"ignoring":[56],"dataflow,":[57],"or":[58],"rely":[59],"manually":[61],"written":[62],"taint":[63],"specifications":[64],"most":[67],"popular":[68],"libraries":[69],"ensure":[71],"scalability.":[73]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":9},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":9},{"year":2020,"cited_by_count":3}],"updated_date":"2026-03-22T08:09:32.410652","created_date":"2025-10-10T00:00:00"}