Home|Research|Publications|CV

List of Publications

Publications in 2008:

Paper
BibTex
WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation
W. Halfond, A. Orso and P. Manolios
IEEE Transactions on Software Engineering.

Publications in 2007:

Paper
BibTex
Slides
Improving Test Case Generation for Web Applications Using Automated Interface Discovery
W. Halfond and A. Orso
Foundations of Software Engineering (ESEC/FSE 2007).

Publications in 2006:

Paper
BibTex
Slides
Using Positive Tainting and Syntax-Aware Evaluation to Counter SQL Injection Attacks
W. Halfond, A. Orso and P. Manolios
Foundations of Software Engineering (FSE 2006)
Paper
BibTex
Slides
Command-Form Coverage for Testing Database Applications
W. Halfond and A. Orso
Automated Software Engineering (ASE 2006)
Paper
BibTex
Slides
Preventing SQL Injection Attacks Using AMNESIA
W. Halfond and A. Orso
International Conference on Software Engineering (ICSE 2006) - Formal Demo
Paper
BibTex
Slides
A Classification of SQL Injection Attacks and Prevention Techniques
W. Halfond, J. Viegas and A. Orso
International Symposium on Secure Software Engineering (ISSSE 2006)

Publications in 2005:

Paper
BibTex
Slides
AMNESIA: Analysis and Monitoring for NEutralizing SQL-Injection Attacks
W. Halfond and A. Orso
Automated Software Engineering (ASE 2005)
Paper
BibTex
Slides
Combining Static Analysis and Runtime Monitoring to Counter SQL-Injection Attacks
W. Halfond and A. Orso
Workshop on Dynamic Analysis (WODA 2005)
Home|Research|Publications|CV