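% Publication list (book, journal articles, conference papers, book chapters)
% on web, database and systems security.
% Placeholder values from the source export ("n/a", "na") were dropped so they
% are not printed; the pages of cisuc-3546-2014 and cisuc-3547-2014 are still
% missing and should be filled in from the publisher record.
% Names use the unambiguous "Last, First" form, accents are written as LaTeX
% escapes, and acronyms in titles are brace-protected against style recasing.

@book{cisuc-2844-2011,
  author    = {Fonseca, Jos{\'e}},
  title     = {Evaluating the {[In]security} of Web Applications: A new perspective towards a safer {Internet}},
  publisher = {LAP},
  volume    = {1},
  edition   = {1},
  isbn      = {978-3-8454-2174-2},
  year      = {2011},
}

@article{cisuc-5978-2019,
  author  = {Nunes, P. and Medeiros, I. and Fonseca, Jos{\'e} and Neves, N. and Correia, M. and Vieira, Marco},
  title   = {An empirical study on combining diverse static analysis tools for web security vulnerabilities based on development scenarios},
  journal = {Computing},
  volume  = {101},
  number  = {2},
  pages   = {161--185},
  year    = {2019},
}

@article{cisuc-5681-2018,
  author  = {Fonseca, Jos{\'e} and Nunes, P. and Vieira, Marco and Medeiros, I. and Neves, N. and Correia, M.},
  title   = {Benchmarking Static Analysis Tools for Web Security},
  journal = {IEEE Transactions on Reliability},
  volume  = {67},
  number  = {3},
  pages   = {1159--1175},
  year    = {2018},
}

@article{cisuc-3546-2014,
  author  = {Fonseca, Jos{\'e} and Seixas, N. and Vieira, Marco and Madeira, H.},
  title   = {Analysis of Field Data on Web Security Vulnerabilities},
  editor  = {{IEEE}},
  journal = {IEEE Transactions on Dependable and Secure Computing},
  volume  = {11},
  number  = {2},
  year    = {2014},
}

@article{cisuc-3547-2014,
  author  = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title   = {Evaluation of Web Security Mechanisms using Vulnerability \& Attack Injection},
  editor  = {{IEEE}},
  journal = {IEEE Transactions on Dependable and Secure Computing},
  volume  = {11},
  number  = {5},
  year    = {2014},
}

@inproceedings{cisuc-5683-2018,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Nunes, P. and Algaith, A. and Gashi, I.},
  title     = {Finding {SQL} Injection and Cross Site Scripting Vulnerabilities with Diverse Static Analysis Tools},
  booktitle = {2018 14th European Dependable Computing Conference (EDCC)},
  year      = {2018},
}

@inproceedings{cisuc-5682-2017,
  author    = {Fonseca, Jos{\'e} and Nunes, P. and Vieira, Marco and Medeiros, I. and Neves, N. and Correia, M.},
  title     = {On Combining Diverse Static Analysis Tools for Web Security: An Empirical Study},
  booktitle = {2017 13th European Dependable Computing Conference (EDCC)},
  year      = {2017},
}

@inproceedings{cisuc-4513-2015,
  author    = {Nunes, P. and Fonseca, Jos{\'e} and Vieira, Marco},
  title     = {{phpSAFE}: A Security Analysis Tool for {OOP} Web Application Plugins},
  booktitle = {Dependable Systems and Networks (DSN), 2015 45th Annual IEEE/IFIP International Conference on},
  year      = {2015},
}

@inproceedings{cisuc-4202-2014,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco},
  title     = {A Practical Experience on the Impact of Plugins in Web Security},
  booktitle = {The 33rd IEEE Symposium on Reliable Distributed Systems - SRDS 2014},
  year      = {2014},
}

@inproceedings{cisuc-4208-2013,
  author    = {Materase, F. and Dell'Amura, D. and Fonseca, Jos{\'e}},
  title     = {A Methodology to Harmonise Safety, Security and Cost-Effectiveness in {ATC}},
  booktitle = {Italian Association of Aeronautics and Astronautics XXII Conference},
  year      = {2013},
}

@inproceedings{cisuc-3061-2012,
  author    = {Materase, F. and Fonseca, Jos{\'e} and Montefusco, P.},
  title     = {An innovative methodology for maritime security risk management to design cost-effective defence systems},
  booktitle = {17th International Conference on Ships and Shipping Research and Advancing with Composites 2012 Symposium},
  year      = {2012},
}

@inproceedings{cisuc-3126-2012,
  author    = {Alfaiate, J. and Fonseca, Jos{\'e}},
  title     = {{Bluetooth} security analysis for mobile phones},
  booktitle = {7th Iberian Conference on Information Systems and Technologies (CISTI 2012)},
  year      = {2012},
}

@inproceedings{cisuc-2843-2011,
  author    = {Materase, F. and Montefusco, P. and Fonseca, Jos{\'e}},
  title     = {Looking towards the {Single European Sky}: a Tailored Security Assessment for Future {ATM} Systems},
  booktitle = {CEAS Air\&Space Conference (CEAS 2011) and AIDAA Congress},
  year      = {2011},
}

@inproceedings{cisuc-2482-2010,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {The Web Attacker Perspective - A Field Study},
  booktitle = {21st annual International Symposium on Software Reliability Engineering},
  year      = {2010},
}

@inproceedings{cisuc-2483-2010,
  author    = {Elia, Ivano Alessandro and Fonseca, Jos{\'e} and Vieira, Marco},
  title     = {Comparing {SQL} Injection Detection Tools Using Attack Injection: An Experimental Study},
  booktitle = {21st annual International Symposium on Software Reliability Engineering},
  year      = {2010},
}

@inproceedings{cisuc-2064-2009,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Vulnerability \& Attack Injection for Web Applications},
  booktitle = {39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2009)},
  year      = {2009},
}

@inproceedings{cisuc-2481-2009,
  author    = {Seixas, N. and Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Looking at Web Security Vulnerabilities from the Programming Language Perspective: A Field Study},
  booktitle = {20th annual International Symposium on Software Reliability Engineering},
  year      = {2009},
}

@inproceedings{cisuc-1531-2008,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Online Detection of Malicious Data Access Using {DBMS} Auditing},
  booktitle = {23rd Annual ACM Symposium on Applied Computing (ACM SAC 2008)},
  year      = {2008},
}

@inproceedings{cisuc-1673-2008,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco},
  title     = {Mapping Software Faults with Web Security Vulnerabilities},
  booktitle = {IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2008)},
  year      = {2008},
}

@inproceedings{cisuc-1769-2008,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Training Security Assurance Teams using Vulnerability Injection},
  booktitle = {14th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC'08)},
  year      = {2008},
}

@inproceedings{cisuc-1444-2007,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Correlating security vulnerabilities with software faults (Fast Abstract)},
  booktitle = {37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2007)},
  year      = {2007},
}

@inproceedings{cisuc-1449-2007,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Detecting malicious {SQL}},
  booktitle = {4th International Conference on Trust, Privacy \& Security in Digital Business (in conjunction with the 18th International Conference on Database and Expert Systems Applications (DEXA 2007)), TrusBus'07},
  year      = {2007},
}

@inproceedings{cisuc-1489-2007,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Integrated Intrusion Detection in Databases},
  booktitle = {Third Latin-American Symposium on Dependable Computing (LADC 2007)},
  year      = {2007},
}

@inproceedings{cisuc-1498-2007,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Testing and comparing web vulnerability scanning tools for {SQL} injection and {XSS} attacks},
  booktitle = {13th IEEE Pacific Rim Dependable Computing Conference (PRDC 2007)},
  year      = {2007},
}

@inproceedings{cisuc-1312-2006,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco and Madeira, H.},
  title     = {Monitoring Database Application Behavior for Intrusion Detection (Short Paper)},
  booktitle = {The IEEE 12th International Symposium Pacific Rim Dependable Computing (PRDC 2006)},
  year      = {2006},
}

@inproceedings{cisuc-2065-2006,
  author    = {Fonseca, Jos{\'e}},
  title     = {Intrusion Detection in Databases},
  booktitle = {Students Forum of the International Conference on Dependable Systems and Networks (DSN 2006)},
  year      = {2006},
}

@incollection{cisuc-3540-2013,
  author    = {Fonseca, Jos{\'e} and Materase, F.},
  title     = {Using Vulnerability Injection to Improve Web Security},
  booktitle = {Innovative Technologies for Dependable OTS-Based Critical Systems - Challenges and Achievements of the CRITICAL STEP Project},
  chapter   = {11},
  publisher = {Springer},
  volume    = {1},
  edition   = {1},
  pages     = {145--157},
  year      = {2013},
}

@incollection{cisuc-3541-2013,
  author    = {Fonseca, Jos{\'e} and Vieira, Marco},
  title     = {A Survey on Secure Software Development Lifecycles},
  booktitle = {Software Development Techniques for Constructive Information Systems Design},
  chapter   = {3},
  publisher = {IGI Global},
  volume    = {1},
  edition   = {1},
  pages     = {57--73},
  year      = {2013},
}

@incollection{cisuc-3125-2012,
  author    = {Duraes, Joao and Fonseca, Jos{\'e} and Madeira, H. and Vieira, Marco},
  title     = {Field Studies on Resilience: Measurements and Repositories},
  booktitle = {Resilience Assessment and Evaluation},
  chapter   = {11},
  publisher = {Springer Berlin Heidelberg},
  pages     = {213--237},
  year      = {2012},
}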