Dongseok Jang

Learn More
The dynamic nature of JavaScript web applications has given rise to the possibility of privacy violating information flows. We present an empirical study of the prevalence of such flows on a large number of popular websites. We have (1) designed an expressive, fine-grained information flow policy language that allows us to specify and detect different kinds(More)
Several defenses have increased the cost of traditional, low-level attacks that corrupt control data, e.g. return addresses saved on the stack, to compromise program execution. In response, creative adversaries have begun circumventing these defenses by exploiting programming errors to manipulate pointers to virtual tables, or vtables, of C++ objects. These(More)
JavaScript is widely used by web developers and the complexity of JavaScript programs has increased over the last year. Therefore, the need for program analysis for JavaScript is evident. Points-to analysis for JavaScript is to determine the set of objects to which a reference variable or an object property may point. Points-to analysis for JavaScript is a(More)
Web browsers mediate access to valuable private data in domains ranging from health care to banking. Despite this critical role, attackers routinely exploit browser vulnerabilities to exfiltrate private data and take over the underlying system. We present QUARK, a browser whose kernel has been implemented and verified in Coq. We give a specification of our(More)
Implementing systems in proof assistants like Coq and proving their correctness in full formal detail has consistently demonstrated promise for making extremely strong guarantees about critical software, ranging from compilers and operating systems to databases and web browsers. Unfortunately, these verifications demand such heroic manual proof effort, even(More)
Adobe Flash is a rich Internet application platform. Flash applications are often deployed to the Web; The Flash Player plugin is installed on a large fraction of all Webconnected PCs. Flash provides a mechanism by which sites can opt in to more expressive information sharing regimes than the same-origin policy for JavaScript allows. A site that wishes to(More)
A high performance, stretchable UV sensor array was fabricated based on an active matrix (AM) device that combined field effect transistors of SWCNTs and SnO2 nanowires. The AM devices provided spatial UV sensing via the individual sensors in the array. SnO2 NW UV sensors showed an average photosensitivity of ∼10(5) and a photoconductive gain of ∼10(6)(More)
  • 1