Server-side programming is one of the key technologies that support today's WWW environment. It makes it possible to generate Web pages dynamically according to a user's request and to customize pages for each user. However, the flexibility obtained by server-side programming makes it much harder to guarantee validity and security of dynamically generated pages.

To check statically the properties of Web pages generated dynamically by a server-side program, we develop a static program analysis that approximates the string output of a program with a context-free grammar. The approximation obtained by the analyzer can be used to check various properties of a server-side program and the pages it generates.

To demonstrate the effectiveness of the analysis, we have implemented a string analyzer for the server-side scripting language PHP. The analyzer is successfully applied to publicly available PHP programs to detect cross-site scripting vulnerabilities and to validate pages they generate dynamically.