References

  1. David Hauzar & Jan Kofroň (2012): On Security Analysis of PHP Web Applications. In: STPSA 2012. IEEE, pp. 577–582, doi:10.1109/COMPSACW.2012.106.
  2. David Hauzar & Jan Kofroň (2014): Weverca. http://d3s.mff.cuni.cz/projects/formal_methods/weverca/.
  3. Dongseok Jang & Kwang-Moo Choe (2009): Points-to analysis for JavaScript. SAC '09. ACM, New York, NY, USA, pp. 1930–1937, doi:10.1145/1529282.1529711.
  4. N. Jovanovic, C. Kruegel & E. Kirda (2006): Pixy: a static analysis tool for detecting Web application vulnerabilities. In: S&P'06. IEEE, doi:10.1109/SP.2006.29.
  5. Etienne Kneuss, Philippe Suter & Viktor Kuncak (2010): Runtime Instrumentation for Precise Flow-Sensitive Type Analysis. In: RV, pp. 300–314, doi:10.1007/978-3-642-16612-9_23.
  6. Benjamin Livshits & Stephen Chong (2013): Towards Fully Automatic Placement of Security Sanitizers and Declassifiers. POPL '13. ACM, New York, NY, USA, pp. 385–398, doi:10.1145/2429069.2429115.
  7. Flemming Nielson, Hanne R. Nielson & Chris Hankin (1999): Principles of Program Analysis. Springer-Verlag New York, Inc., Secaucus, NJ, USA, doi:10.1007/978-3-662-03811-6.
  8. Max Schäfer, Manu Sridharan, Julian Dolby & Frank Tip (2013): Dynamic Determinacy Analysis. PLDI '13. ACM, New York, NY, USA, pp. 165–174, doi:10.1145/2499370.2462168.
  9. Manu Sridharan (2011): F4F: Taint Analysis of Framework-based Web Applications. OOPSLA '11. ACM, New York, NY, USA, pp. 1053–1068, doi:10.1145/2048066.2048145.
  10. Manu Sridharan (2012): Correlation Tracking for Points-to Analysis of Javascript. ECOOP'12. Springer-Verlag, Berlin, Heidelberg, pp. 435–458, doi:10.1007/978-3-642-31057-7_20.
  11. Omer Tripp (2009): TAJ: Effective Taint Analysis of Web Applications. PLDI '09. ACM, New York, NY, USA, pp. 87–97, doi:10.1145/1542476.1542486.
  12. Omer Tripp (2013): ANDROMEDA: Accurate and Scalable Security Analysis of Web Applications. FASE'13. Springer-Verlag, Berlin, Heidelberg, pp. 210–225, doi:10.1007/978-3-642-37057-1_15.
  13. Shiyi Wei & Barbara G. Ryder (2013): Practical Blended Taint Analysis for JavaScript. ISSTA 2013. ACM, New York, NY, USA, pp. 336–346, doi:10.1145/2483760.2483788.
  14. Fang Yu, Muath Alkhalaf & Tevfik Bultan (2010): Stranger: An automata-based string analysis tool for PHP. TACAS'10, doi:10.1007/978-3-642-12002-2_13.
Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org