Preventing SQL injection attacks using AMNESIA
Proceedings of the 28th international conference on Software engineering
Bridging the gap between web application firewalls and web applications
Proceedings of the fourth ACM workshop on Formal methods in security
Using positive tainting and syntax-aware evaluation to counter SQL injection attacks
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Using web application construction frameworks to protect against code injection attacks
Proceedings of the 2007 workshop on Programming languages and analysis for security
AjaxScope: a platform for remotely monitoring the client-side behavior of web 2.0 applications
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Type qualifier inference for java
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Multi-module vulnerability analysis of web-based applications
Proceedings of the 14th ACM conference on Computer and communications security
A state coverage tool for JUnit
Companion of the 30th international conference on Software engineering
Spectator: detection and containment of JavaScript worms
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
A Provenance-Based Fault Tolerance Mechanism for Scientific Workflows
Provenance and Annotation of Data and Processes
Merlin: specification inference for explicit information flow problems
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Efficient purely-dynamic information flow analysis
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Ripley: automatically securing web 2.0 applications through replicated execution
Proceedings of the 16th ACM conference on Computer and communications security
Efficient character-level taint tracking for Java
Proceedings of the 2009 ACM workshop on Secure web services
Efficient purely-dynamic information flow analysis
ACM SIGPLAN Notices
Policy-based intrusion detection in web applications by monitoring Java information flows
International Journal of Information and Computer Security
SUDS: an infrastructure for creating dynamic software defect detection tools
Automated Software Engineering
AjaxScope: A Platform for Remotely Monitoring the Client-Side Behavior of Web 2.0 Applications
ACM Transactions on the Web (TWEB)
Proceedings of the 3rd international conference on Security of information and networks
Nemesis: preventing authentication & access control vulnerabilities in web applications
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Cross-application data provenance and policy enforcement
ACM Transactions on Information and System Security (TISSEC)
Preventing web application injections with complementary character coding
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
SCRIPTGARD: automatic context-sensitive sanitization for large-scale legacy web applications
Proceedings of the 18th ACM conference on Computer and communications security
A survey on automated dynamic malware-analysis techniques and tools
ACM Computing Surveys (CSUR)
Towards a taint mode for cloud computing web applications
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Uncovering performance problems in Java applications with reference propagation profiling
Proceedings of the 34th International Conference on Software Engineering
Implementing erasure policies using taint analysis
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
A taint mode for python via a library
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
ADEL: an automatic detector of energy leaks for smartphone applications
Proceedings of the eighth IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis
TreeDroid: a tree automaton based approach to enforcing data processing policies
Proceedings of the 2012 ACM conference on Computer and communications security
Dynamic information flow control architecture for web applications
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Towards fully automatic placement of security sanitizers and declassifiers
POPL '13 Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Detecting control flow in smarphones: combining static and dynamic analyses
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
Static vulnerability detection in Java service-oriented components
Journal in Computer Virology
Practical information flow for legacy web applications
Proceedings of the 8th Workshop on Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems
TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones
Communications of the ACM
A survey on server-side approaches to securing web applications
ACM Computing Surveys (CSUR)
Hi-index | 0.02 |
When will we be secure? Nobody knows for surebut it cannot happen before commercial security products and services possess not only enough functionality to satisfy customers' stated needs, but also sufficient assurance of quality, reliability, safety, ...