CISUC

Mapping Software Faults with Web Security Vulnerabilities

Authors

Subject

Security Benchmarking

Conference

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2008), June 2008


Cited by

Year 2013 : 2 citations

 Gary Nilson, Kent Wills, Jeffrey Stuckman, James Purtilo, "BugBox: A Vulnerability Corpus for PHP Web Applications", 6th Workshop on Cyber Security Experimentation and Test, CSET'13, Washington D. C., USA, August 12, 2013.

 Umme Hunny, Mohammad Zulkernine, and Komminist Weldemariam, "OSDC: adapting ODC for developing more secure software", 28th Annual ACM Symposium on Applied Computing, SAC '13, Coimbra, Portugal, March 18 - 22, 2013.

Year 2012 : 3 citations

 1. Theodoor Scholte, Davide Balzarotti, William Robertson, Engin Kirda, "An Empirical Analysis of Input Validation Mechanisms in Web Applications and Languages", 27th ACM Symposium On Applied Computing (SAC 2012), Trento, Italy, March 2012.

 Rim Akrout, "Analyse de vulnérabilités et évaluation de systèmes de détection d'intrusions pour les applications Web", PhD Thesis, Institut National des Sciences Appliquées de Toulouse (INSA Toulouse), Toulouse, France, October 2012.

 Jeffrey Stuckman, James Purtilo "Comparing and applying attack surface metrics", 8th international workshop on Security measurements and metrics, MetriSec'12, Lund, Sweden, September 21, 2012.

Year 2011 : 6 citations

 Roberto Natella, “Achieving Representative Faultloads in Software Fault Injection”, PhD Thesis, Universita' Degli Studi di Napoli Federico II, Italy, November 2011.

 Jeff Stuckman, James Purtilo, "A Testbed for the Evaluation of Web Intrusion Prevention Systems", 2011 Third International Workshop on Security Measurements and Metrics, Metrisec, September 2011.

 Mohamed Al-Ibrahim, "Are our Educational Technology Systems Secured?", International Journal for e-Learning Security (IJeLS), Volume 1, Issues 3/4, September/December 2011.

 Rich Pietravalle and Dan Lanz, “Resiliency Research Snapshot”, Technical Report. 11-3023, MITRE Corporation, June 2011.

 Jingshu Chen, Sandeep Kulkarni, “Effectiveness of Transition Systems to Model Faults”, 2nd International Workshop on Logical Aspects of Fault-Tolerance, LAFT, in conjunction with Twenty-Sixth Annual IEEE Symposium on Logic in Computer Science (LICS 2011), Toronto, Canada, June, 2011.

 Francisco Vieira, “Realistic Vulnerability Injections in PHP Web Applications”, MSc Thesis, Faculty of Sciences, University of Lisbon, Lisbon, Portugal, 2011.

Year 2010 : 4 citations

 Plínio C. S. Fernandes, Tania Basso, Regina L. O. Moraes, Mario Jino, "Attack Trees Modeling for Security Tests in Web Applications", IV Brazilian Workshop on Systematic and Automated Software Testing, SAST 2010, Natal, Brazil, November 8-10, 2010.

 1. Célio B. Taquary Segundo, Luis Fernando Rust C. Carmo, Luci Pirmez, “Uso de Árvores de Ataque e Técnicas de Mutação de Código na Segurança de Aplicações Web”, X Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, SBSeg’10, Fortaleza, Brazil, October 2010.

 2. Tânia Basso, Plínio César Simões Fernandes, Mario Jino, Regina Moraes, “Analysis of the Effect of Java Software Faults on Security Vulnerabilities and Their Detection by Commercial Web Vulnerability Scanner Tool”, 4th Workshop on Recent Advances on Intrusion-Tolerant Systems, WRAITS 2010, in conjunction with The 40th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2010), Chicago, IL, USA, 2010.

 3. Tania Basso, Regina L. O. Moraes, Mario Jino, "A Methodology for Effectiveness Analysis of Vulnerability Scanning Tools", III EADCA - Terceiro Encontro dos Alunos e Docentes do Departamento de Engenharia de Computação e Automação Industrial, University of Campinas (UNICAMP), Brazil, March 2010.

Year 2009 : 2 citations

 1. Regina Moraes, Bruno T. de Abreu, Eliane Martins, "Mapping Web-Based Applications Failures to Faults", Fourth Latin-American Symposium on Dependable Computing, LADC 2009, João Pessoa, PB, Brazil, September, 2009.

 2. T. Basso, R. Moraes, B. P. Sanches, M. Jino, “An Investigation of Java Faults Operators Derived from a Field Data Study on Java Software Faults”, Workshop de Tolerancia a Falhas (WTF 2009), jointly organized with the Fourth Latin-American Symposium on Dependable Computing (LADC 2009), João Pessoa, PB, Brazil, September 2009.

Year 2008 : 1 citations

 1. Cesar Simões Fernandes, "Desenvolvimento de Ferramenta para Injeção de Falhas de Software - J-SWFIT", Pauta da 23ª Reunião Ordinária, Centro Superior de Educação Tecnológica, University of Campinas, Brazil, 2008.