Title

Existence of Dependency-Based Attacks in NodeJS Environment

Author

Prachi R. Patel, Iowa State UniversityFollow

Degree Type

Creative Component

Semester of Graduation

Fall 2018

Department

Electrical and Computer Engineering

First Major Professor

Doug Jacobson

Second Major Professor

Ben-Othmane, Lotfi

Degree(s)

Master of Science (MS)

Major(s)

Computer Engineering

Abstract

Node.js is an open source server-side run-time platform for JavaScript applications. Node.js applications are dependent on several, even hundreds, packages, which in turn have many dependencies. There is always a risk of malicious code hidden in one of these dependencies.

This work analyzes vulnerabilities found in Node.js based applications, discusses basic types of attacks and reports about the assessment of five frequently-used Node.js packages.

Copyright Owner

Prachi Patel

Copyright Year

2018

File Format

application/pdf

Recommended Citation

Patel, Prachi R., "Existence of Dependency-Based Attacks in NodeJS Environment" (2018). Creative Components. 91.
https://lib.dr.iastate.edu/creativecomponents/91