François Gauthier

Orcid: 0000-0002-9470-5081

Affiliations:
  • Oracle Labs, Brisbane, QLD, Australia
  • Polytechnique Montréal, QC, Canada (former)


According to our database1, François Gauthier authored at least 29 papers between 2011 and 2024.

Collaborative distances:
  • Dijkstra number2 of four.
  • Erdős number3 of four.

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
Synthesis of Allowlists for Runtime Protection against SQLi.
Proceedings of the 2024 ACM/IEEE 44th International Conference on Software Engineering: New Ideas and Emerging Results, 2024

2023
The role of program analysis in security vulnerability detection: Then and now.
Comput. Secur., December, 2023

Crystallizer: A Hybrid Path Analysis Framework to Aid in Uncovering Deserialization Vulnerabilities.
Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2023

2022
Runtime Prevention of Deserialization Attacks.
Proceedings of the 44th IEEE/ACM International Conference on Software Engineering: New Ideas and Emerging Results ICSE (NIER) 2022, 2022

Experience: Model-Based, Feedback-Driven, Greybox Web Fuzzing with BackREST.
Proceedings of the 36th European Conference on Object-Oriented Programming, 2022

Synthesis of Java Deserialisation Filters from Examples.
Proceedings of the 46th IEEE Annual Computers, Software, and Applications Conferenc, 2022

2021
BackREST: A Model-Based Feedback-Driven Greybox Fuzzer for Web Applications.
CoRR, 2021

IFDS Taint Analysis with Access Paths.
CoRR, 2021

2020
Trade-offs in managing risk and technical debt in industrial research labs: an experience report.
Proceedings of the TechDebt '20: International Conference on Technical Debt, 2020

2019
Nodest: feedback-driven static analysis of Node.js applications.
Proceedings of the ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019

Unacceptable Behavior: Robust PDF Malware Detection Using Abstract Interpretation.
Proceedings of the 14th ACM SIGSAC Workshop on Programming Languages and Analysis for Security, 2019

2018
Reference Abstract Domains and Applications to String Analysis.
Fundam. Informaticae, 2018

SAFE-PDF: Robust Detection of JavaScript PDF Malware Using Abstract Interpretation.
CoRR, 2018

Vandal: A Scalable Security Analysis Framework for Smart Contracts.
CoRR, 2018

Scalable Static Analysis to Detect Security Vulnerabilities: Challenges and Solutions.
Proceedings of the 2018 IEEE Cybersecurity Development, SecDev 2018, Cambridge, MA, USA, 2018

AFFOGATO: runtime detection of injection attacks for Node.js.
Proceedings of the Companion Proceedings for the ISSTA/ECOOP 2018 Workshops, 2018

Driver Generation for Java EE Web Applications.
Proceedings of the 25th Australasian Software Engineering Conference, 2018

2017
Combining String Abstract Domains for JavaScript Analysis: An Evaluation.
Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2017

2016
JSPChecker: Static Detection of Context-Sensitive Cross-Site Scripting Flaws in Legacy Web Applications.
Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security, 2016

2015
Evolutionary analysis of access control models: a formal concept analysis method.
Proceedings of 25th Annual International Conference on Computer Science and Software Engineering, 2015

2014
Supporting Maintenance and Evolution of Access Control Models in Web Applications.
Proceedings of the 30th IEEE International Conference on Software Maintenance and Evolution, Victoria, BC, Canada, September 29, 2014

2013
Semantic smells and errors in access control models: a case study in PHP.
Proceedings of the 35th International Conference on Software Engineering, 2013

Uncovering access control weaknesses and flaws with security-discordant software clones.
Proceedings of the Annual Computer Security Applications Conference, 2013

2012
Fast Detection of Access Control Vulnerabilities in PHP Applications.
Proceedings of the 19th Working Conference on Reverse Engineering, 2012

Targeted genetic test SQL generation for the DB2 database.
Proceedings of the Fifth International Workshop on Testing Database Systems, 2012

Alias-Aware Propagation of Simple Pattern-Based Properties in PHP Applications.
Proceedings of the 12th IEEE International Working Conference on Source Code Analysis and Manipulation, 2012

Investigation of Access Control Models with Formal Concept Analysis: A Case Study.
Proceedings of the 16th European Conference on Software Maintenance and Reengineering, 2012

2011
Extraction and comprehension of moodle's access control model: A case study.
Proceedings of the Ninth Annual Conference on Privacy, Security and Trust, 2011

Security Model Evolution of PHP Web Applications.
Proceedings of the Fourth IEEE International Conference on Software Testing, 2011


  Loading...