JavaScript Library Version Detection

2023 46th MIPRO ICT and Electronics Convention (MIPRO) Pub Date : 2023-05-22 DOI:10.23919/MIPRO57284.2023.10159725

Vilim Pagon, Bruno Skendrovic, Ivan Kovačević, S. Groš

{"title":"JavaScript Library Version Detection","authors":"Vilim Pagon, Bruno Skendrovic, Ivan Kovačević, S. Groš","doi":"10.23919/MIPRO57284.2023.10159725","DOIUrl":null,"url":null,"abstract":"There are more than 1.6 billion websites today, and almost every one of them uses JavaScript libraries. Knowing that, it’s very important to show problems that occur as a result of not paying enough attention to security, such as using outdated versions of JavaScript libraries, insecure libraries, and so on. This paper proposes an algorithm for JavaScript library version detection. The algorithm detects version of JavaScript libraries based on differences between neighboring library versions. It’s designed in such a way that it can be run periodically and automatically on a server. The paper also presents results and efficiency of the algorithm on a smaller set of data collected from the Croatian Web space. The success of the algorithm in detecting the correct version is about 50%, and the range of probable versions is an additional 25%. From these results, i.e. the detected versions, we found that the JavaScript libraries used on the websites of the Croatian web space are not regularly updated. Limitations and also possible potential improvements to the algorithm are listed at the end of the paper.","PeriodicalId":177983,"journal":{"name":"2023 46th MIPRO ICT and Electronics Convention (MIPRO)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 46th MIPRO ICT and Electronics Convention (MIPRO)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/MIPRO57284.2023.10159725","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

There are more than 1.6 billion websites today, and almost every one of them uses JavaScript libraries. Knowing that, it’s very important to show problems that occur as a result of not paying enough attention to security, such as using outdated versions of JavaScript libraries, insecure libraries, and so on. This paper proposes an algorithm for JavaScript library version detection. The algorithm detects version of JavaScript libraries based on differences between neighboring library versions. It’s designed in such a way that it can be run periodically and automatically on a server. The paper also presents results and efficiency of the algorithm on a smaller set of data collected from the Croatian Web space. The success of the algorithm in detecting the correct version is about 50%, and the range of probable versions is an additional 25%. From these results, i.e. the detected versions, we found that the JavaScript libraries used on the websites of the Croatian web space are not regularly updated. Limitations and also possible potential improvements to the algorithm are listed at the end of the paper.

查看原文本刊更多论文

JavaScript库版本检测

今天有超过16亿个网站，几乎每个网站都使用JavaScript库。了解了这一点，就非常有必要展示由于对安全性不够重视而出现的问题，例如使用过时版本的JavaScript库、不安全的库等等。本文提出了一种JavaScript库版本检测算法。该算法基于相邻库版本之间的差异来检测JavaScript库的版本。它被设计成可以定期自动地在服务器上运行。本文还介绍了该算法在从克罗地亚Web空间收集的较小数据集上的结果和效率。该算法检测正确版本的成功率约为50%，可能版本的范围为25%。从这些结果中，即检测到的版本，我们发现克罗地亚网络空间网站上使用的JavaScript库没有定期更新。本文最后列出了该算法的局限性和可能的改进。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2023 46th MIPRO ICT and Electronics Convention (MIPRO)

自引率

0.00%

发文量