To mitigate this well-known problem and provide greater control over what is being executed within the application context, the project aims to build a knowledge base containing the behavioral models of scripts and vendors on the web.
This enables the creation of rulesets that determine the actions a specific vendor or script can perform in a web application - known as Script Fencing.
Inherent to this goal, three other objectives of the project can be highlighted:
Database Query Module
Implementing a module that enables querying the database using recognized scripts as input.
AI-Powered Script Classification
Utilizing Artificial Intelligence models to accurately identify and classify scripts.
Automatic Script Fencing Rules
Generating Script Fencing rules automatically.
The ORACLE solution aims to address the problem of automatically generating rules that can proactively block any behavior that does not fit the expected behavioral model of a vendor or script.
Although the project focuses on this specific use case, it has unlimited growth potential, as it offers an updated database for various service providers that increases visibility over them and assists in decision-making.
Jscrambler
Jscrambler, a global leader in Client-Side Protection and Compliance, serves as the principal co-promoter of this project, contributing its extensive expertise in securing client-side applications and monitoring behaviors in web environments. The project aims to improve the security of client-side applications by developing a prototype that monitors and classifies behaviors in web applications, identifying risks and potential threats using Artificial Intelligence.
In this context, Jscrambler will leverage its experience in analyzing and protecting web applications to support mapping interactions between resources and behaviors. This expertise will be key to enabling a detailed risk assessment and advancing the development of innovative solutions for detecting and mitigating security threats. Jscrambler’s contribution focuses on its deep understanding of JavaScript behaviors, runtime analysis, and risk classification, aligning with the project’s goal of providing actionable insights into client-side security.
By combining practical security applications with the project’s research objectives, Jscrambler will help deliver impactful results that strengthen the protection of client-side applications and advance both technical and academic outcomes. This includes supporting and disseminating results through academic theses, publications, and educational materials, reinforcing the project’s contribution to advancing security standards in web environments.
CCG/ZGDV Institute
With more than 30 years of experience as an interface between the research ecosystem and the business world, the CCG/ZGDV Institute is today one of the most renowned technology and innovation centers in Information and Communication Technologies (ICT). It focuses on applied research and technological innovation for the digital economy, designing and prototyping new processes, services, and high-value products in computer graphics, ubiquitous computing, human-machine interaction, and information engineering. The CCG/ZGDV's mission is to boost the growth and innovation of companies, organizations, and the economy in general, responding to global market challenges.
