François Gauthier

31 papers A* 1A 4B 1C 2Journal 7Unranked 16

Year	Rank	Type	Title / Venue / Authors
2025	—	`conf`	Mimicry-Based Testing of Runtime SQLi Prevention Approaches. SBFT@ICSE Anjana Perera, François Gauthier, Kostyantyn Vorobyov, Matthew Harris, Padmanabhan Krishnan
2024	—	`conf`	Synthesis of Allowlists for Runtime Protection against SQLi. NIER@ICSE Kostyantyn Vorobyov, François Gauthier, Padmanabhan Krishnan
2023	—	`conf`	Crystallizer: A Hybrid Path Analysis Framework to Aid in Uncovering Deserialization Vulnerabilities. ESEC/SIGSOFT FSE Prashast Srivastava, Flavio Toffalini, Kostyantyn Vorobyov, François Gauthier, Antonio Bianchi, Mathias Payer
2023	J	`jnl`	The role of program analysis in security vulnerability detection: Then and now. Comput. Secur. Cristina Cifuentes, François Gauthier, Behnaz Hassanshahi, Padmanabhan Krishnan, Davin McCall
2022	A	`conf`	Experience: Model-Based, Feedback-Driven, Greybox Web Fuzzing with BackREST. ECOOP François Gauthier, Behnaz Hassanshahi, Benjamin Selwyn-Smith, Trong Nhan Mai, Max Schlüter, Micah Williams
2022	—	`conf`	Runtime Prevention of Deserialization Attacks. ICSE (NIER) François Gauthier, Sora Bae
2022	J	`jnl`	Runtime Prevention of Deserialization Attacks. CoRR François Gauthier, Sora Bae
2022	B	`conf`	Synthesis of Java Deserialisation Filters from Examples. COMPSAC Kostyantyn Vorobyov, François Gauthier, Sora Bae, Padmanabhan Krishnan, Rebecca O'Donoghue
2021	J	`jnl`	BackREST: A Model-Based Feedback-Driven Greybox Fuzzer for Web Applications. CoRR François Gauthier, Behnaz Hassanshahi, Benjamin Selwyn-Smith, Trong Nhan Mai, Max Schlüter, Micah Williams
2021	J	`jnl`	IFDS Taint Analysis with Access Paths. CoRR Nicholas Allen, François Gauthier, Alexander Jordan
2020	—	`conf`	Trade-offs in managing risk and technical debt in industrial research labs: an experience report. TechDebt@ICSE François Gauthier, Alexander Jordan, Padmanabhan Krishnan, Behnaz Hassanshahi, Jörn Guy Süß, Sora Bae, Hyunjun Lee
2019	—	`conf`	Nodest: feedback-driven static analysis of Node.js applications. ESEC/SIGSOFT FSE Benjamin Barslev Nielsen, Behnaz Hassanshahi, François Gauthier
2019	—	`conf`	Unacceptable Behavior: Robust PDF Malware Detection Using Abstract Interpretation. PLAS@CCS Alexander Jordan, François Gauthier, Behnaz Hassanshahi, David Zhao
2018	—	`conf`	AFFOGATO: runtime detection of injection attacks for Node.js. ISSTA/ECOOP Workshops François Gauthier, Behnaz Hassanshahi, Alexander Jordan
2018	—	`conf`	Driver Generation for Java EE Web Applications. ASWEC Jens Dietrich, François Gauthier, Padmanabhan Krishnan
2018	J	`jnl`	Reference Abstract Domains and Applications to String Analysis. Fundam. Informaticae Roberto Amadini, Graeme Gange, François Gauthier, Alexander Jordan, Peter Schachte, Harald Søndergaard, Peter J. Stuckey, Chenyi Zhang
2018	J	`jnl`	SAFE-PDF: Robust Detection of JavaScript PDF Malware Using Abstract Interpretation. CoRR Alexander Jordan, François Gauthier, Behnaz Hassanshahi, David Zhao
2018	—	`conf`	Scalable Static Analysis to Detect Security Vulnerabilities: Challenges and Solutions. SecDev François Gauthier, Nathan Keynes, Nicholas Allen, Diane Corney, Padmanabhan Krishnan
2018	J	`jnl`	Vandal: A Scalable Security Analysis Framework for Smart Contracts. CoRR Lexi Brent, Anton Jurisevic, Michael Kong, Eric Liu, François Gauthier, Vincent Gramoli, Ralph Holz, Bernhard Scholz
2017	—	`conf`	Combining String Abstract Domains for JavaScript Analysis: An Evaluation. TACAS (1) Roberto Amadini, Alexander Jordan, Graeme Gange, François Gauthier, Peter Schachte, Harald Søndergaard, Peter J. Stuckey, Chenyi Zhang
2016	—	`conf`	JSPChecker: Static Detection of Context-Sensitive Cross-Site Scripting Flaws in Legacy Web Applications. PLAS@CCS Antonín Steinhauser, François Gauthier
2015	—	`conf`	Evolutionary analysis of access control models: a formal concept analysis method. CASCON Zhuobing Han, Mathieu Mérineau, François Gauthier, Ettore Merlo, Xiaohong Li, Eleni Stroulia
2014	A	`conf`	Supporting Maintenance and Evolution of Access Control Models in Web Applications. ICSME François Gauthier, Ettore Merlo, Eleni Stroulia, David Turner
2013	A*	`conf`	Semantic smells and errors in access control models: a case study in PHP. ICSE François Gauthier, Ettore Merlo
2013	A	`conf`	Uncovering access control weaknesses and flaws with security-discordant software clones. ACSAC François Gauthier, Thierry Lavoie, Ettore Merlo
2012	C	`conf`	Alias-Aware Propagation of Simple Pattern-Based Properties in PHP Applications. SCAM François Gauthier, Ettore Merlo
2012	—	`conf`	Fast Detection of Access Control Vulnerabilities in PHP Applications. WCRE François Gauthier, Ettore Merlo
2012	—	`conf`	Investigation of Access Control Models with Formal Concept Analysis: A Case Study. CSMR François Gauthier, Ettore Merlo
2012	—	`conf`	Targeted genetic test SQL generation for the DB2 database. DBTest Dominic Letarte, François Gauthier, Ettore Merlo, Nattavut Sutyanyong, Calisto Zuzarte
2011	C	`conf`	Extraction and comprehension of moodle's access control model: A case study. PST François Gauthier, Dominic Letarte, Thierry Lavoie, Ettore Merlo
2011	A	`conf`	Security Model Evolution of PHP Web Applications. ICST Dominic Letarte, François Gauthier, Ettore Merlo