Control-flow integrity, Proceedings of the 12th ACM conference on Computer and communications security , CCS '05, 2005. ,
DOI : 10.1145/1102120.1102165
Preventing Memory Error Exploits with WIT, 2008 IEEE Symposium on Security and Privacy (sp 2008), 2008. ,
DOI : 10.1109/SP.2008.30
Analyse de vulnérabilités et évaluation de systèmes de détection d'intrusions pour les applications Web, 2012. ,
State of the Art: Automated Black-Box Web Application Vulnerability Testing, 2010 IEEE Symposium on Security and Privacy, 2010. ,
DOI : 10.1109/SP.2010.27
Securing software by enforcing data-flow integrity, Paper presented at the 7th USENIX Symposium on Operating Systems Design and Implementation, 2006. ,
Anomalous Taint Detection, 2008. ,
DOI : 10.1007/978-3-540-87403-4_34
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.309.9166
Swaddler: An Approach for the Anomaly-Based Detection of State Violations in Web Applications, Paper presented at the International Symposium on Recent Advances in Intrusion Detection (RAID), 2007. ,
DOI : 10.1007/978-3-540-74320-0_4
Implementing secure dependencies over a network by designing a distributed security subsystem, Paper presented at the Third European Symposium on Research in Computer Security (ESORICS'94), 1994. ,
A Clustering Approach for Web Vulnerabilities Detection, 2011 IEEE 17th Pacific Rim International Symposium on Dependable Computing, 2011. ,
DOI : 10.1109/PRDC.2011.31
URL : https://hal.archives-ouvertes.fr/hal-00755212
Why Johnny Can???t Pentest: An Analysis of Black-Box Web Vulnerability Scanners, 2010. ,
DOI : 10.1007/978-3-642-14215-4_7
The Daikon system for dynamic detection of likely invariants, Science of Computer Programming, vol.69, issue.1-3, pp.35-45, 2007. ,
DOI : 10.1016/j.scico.2007.01.015
Toward Automated Detection of Logic Vulnerabilities in Web Applications, Paper presented at the 19th USENIX Security Symposium, 2010. ,
Affine relationships among variables of a program, Acta Informatica, vol.6, issue.2, 1976. ,
DOI : 10.1007/BF00268497
Secure execution via program shepherding, Paper presented at the Usenix Security Symposium, 2002. ,
Detecting attacks against data in web applications, 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS), 2012. ,
DOI : 10.1109/CRISIS.2012.6378943
URL : https://hal.archives-ouvertes.fr/hal-00735997
Using Generalization and Characterization Techniques in the Anomaly-based Detection of Web Attacks, Paper presented at the Network and Distributed System Security Symposium, 2006. ,
Application Data Consistency Checking for Anomaly Based Intrusion Detection, Paper presented at the 11th International Symposium on Stabilization, Safety, and Security of Distributed Systems, 2009. ,
DOI : 10.1007/978-3-642-05118-0_50
URL : https://hal.archives-ouvertes.fr/hal-00424584
A stateful intrusion detection system for world-wide web servers, 19th Annual Computer Security Applications Conference, 2003. Proceedings., 2003. ,
DOI : 10.1109/CSAC.2003.1254308