Type-Based Taint Analysis for Java Web Applications
暂无分享,去创建一个
Ana Milanova | Yao Dong | Wei Huang | Wei Huang | A. Milanova | Yao Dong
[1] Michael D. Ernst,et al. Ownership and immutability in generic Java , 2010, OOPSLA.
[2] Jan Vitek,et al. A Type System for Data-Centric Synchronization , 2010, ECOOP.
[3] Jacques Klein,et al. Highly precise taint analysis for Android applications , 2013 .
[4] Ana Milanova,et al. Static Object Race Detection , 2011, APLAS.
[5] Michael D. Ernst,et al. Javari: adding reference immutability to Java , 2005, OOPSLA '05.
[6] Gregor Snelting,et al. Efficient path conditions in dependence graphs for software safety analysis , 2006, TSEM.
[7] Andrew C. Myers,et al. JFlow: practical mostly-static information flow control , 1999, POPL '99.
[8] Patrick Cousot,et al. Andromeda: Accurate and Scalable Security Analysis of Web Applications , 2013, FASE.
[9] Ana Milanova,et al. Dataflow and Type-based Formulations for Reference Immutability , 2012 .
[10] Dennis Giffhorn,et al. Precise Analysis of Java Programs Using JOANA , 2008, 2008 Eighth IEEE International Working Conference on Source Code Analysis and Manipulation.
[11] Manu Sridharan,et al. TAJ: effective taint analysis of web applications , 2009, PLDI '09.
[12] Ana Milanova,et al. Composing polymorphic information flow systems with reference immutability , 2013, FTfJP@ECOOP.
[13] Andrew C. Myers,et al. Parameterized types for Java , 1997, POPL '97.
[14] Benjamin Livshits,et al. Finding Security Vulnerabilities in Java Applications with Static Analysis , 2005, USENIX Security Symposium.
[15] Michael D. Ernst,et al. Inference and Checking of Object Ownership , 2012, ECOOP.
[16] Jan Vitek,et al. A data-centric approach to synchronization , 2012, TOPL.
[17] J. Meseguer,et al. Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.
[18] David A. Wagner,et al. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Detecting Format String Vulnerabilities with Type Qualifiers , 2001 .
[19] Michael D. Ernst,et al. Building and using pluggable type-checkers , 2011, 2011 33rd International Conference on Software Engineering (ICSE).
[20] Sophia Drossopoulou,et al. Universe Types for Topology and Encapsulation , 2007, FMCO.
[21] Michael D. Ernst,et al. Practical pluggable types for java , 2008, ISSTA '08.
[22] Michael D. Ernst,et al. Reim & ReImInfer: checking and inference of reference immutability and method purity , 2012, OOPSLA '12.
[23] Alexander Aiken,et al. A theory of type qualifiers , 1999, PLDI '99.
[24] Peter Müller,et al. Universes: Lightweight Ownership for JML , 2005, J. Object Technol..
[25] James Noble,et al. Ownership types for flexible alias protection , 1998, OOPSLA '98.
[26] Dan Grossman,et al. EnerJ: approximate data types for safe and general low-power computation , 2011, PLDI '11.
[27] Michael D. Ernst,et al. Object and reference immutability using Java generics , 2007, ESEC-FSE '07.
[28] Geoffrey Smith,et al. A Sound Type System for Secure Flow Analysis , 1996, J. Comput. Secur..
[29] Jens Krinke,et al. Intransitive Noninterference in Dependence Graphs , 2006, Second International Symposium on Leveraging Applications of Formal Methods, Verification and Validation (isola 2006).
[30] Shay Artzi,et al. F4F: taint analysis of framework-based web applications , 2011, OOPSLA '11.
[31] Barbara G. Ryder,et al. Parameterized object sensitivity for points-to analysis for Java , 2005, TSEM.
[32] Bjarne Steensgaard,et al. Points-to analysis in almost linear time , 1996, POPL '96.
[33] Lars Ole Andersen,et al. Program Analysis and Specialization for the C Programming Language , 2005 .
[34] Jeffrey S. Foster,et al. Type qualifier inference for java , 2007, OOPSLA.
[35] Gregor Snelting,et al. Static path conditions for Java , 2008, PLAS '08.
[36] Monica S. Lam,et al. Cloning-based context-sensitive pointer alias analysis using binary decision diagrams , 2004, PLDI '04.
[37] James Noble. ECOOP 2012 – Object-Oriented Programming , 2012, Lecture Notes in Computer Science.