, From Qualitative to Quantitative Program Analysis: Permissive Enforcement of Secure Information Flow, Rennes, vol.1, 2015.
URL : https://hal.archives-ouvertes.fr/tel-01184857
, Program transformation for noninterference verication on programs with pointers, Security and Privacy Protection in Information Processing Systems, IFIP Advances in Information and Communication Technology, p.231244, 2013.
, Ecient purely-dynamic information ow analysis, Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security. pp. 113124. PLAS '09, 2009.
DOI : 10.1145/1667209.1667223
, Hybrid information ow analysis for programs with arrays, Proceedings of the Fourth International Workshop on Verication and Program Transformation Electronic Proceedings in Theoretical Computer Science, p.523, 2016.
DOI : 10.4204/eptcs.216.1
URL : http://arxiv.org/pdf/1607.02225
, Failures in NIST's ECC standards (2016), https
, A taxonomy of information ow monitors, Principles of Security and Trust: 5th International Conference , POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software Proceedings, p.4667, 2016.
, Structuring Abstract Interpreters Through State and Value Abstractions, International Conference on Verication, Model Checking, and Abstract Interpretation (VMCAI'17), 2017.
DOI : 10.1007/978-3-642-31424-7_15
, Taint Dependency Sequences: A Characterization of Insecure Execution Paths Based on Input-Sensitive Cause Sequences, 2010 Third International Conference on Software Testing, Verification, and Validation Workshops, p.371380, 2010.
DOI : 10.1109/ICSTW.2010.28
, Certication of programs for secure information ow, Commun. ACM, vol.20, issue.504513, 1977.
, Physical key extraction attacks on PCs, Communications of the ACM, vol.59, issue.6, p.7079, 2016.
DOI : 10.1007/978-3-662-43826-8_6
, Security Policies and Security Models, 1982 IEEE Symposium on Security and Privacy, 1982.
DOI : 10.1109/SP.1982.10014
, Value-sensitive hybrid information ow control for a javascript-like language, Proceedings of the 2015 IEEE 28th Computer Security Foundations Symposium. pp. 351365. CSF '15, 2015.
, Jsow: Tracking information ow in javascript and its apis, Proceedings of the 29th Annual ACM Symposium on Applied Computing. pp. 16631671. SAC '14, 2014.
DOI : 10.3233/jcs-160544
, On ow-sensitive security types, Conference Record of the 33rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. pp. 7990. POPL '06, 2006.
DOI : 10.1145/1111320.1111045
URL : http://www.cs.chalmers.se/~dave/papers/Hunt-Sands-POPL06.pdf
, Information ow tracking meets just-in-time compilation, ACM Trans. Archit. Code Optim, vol.10, issue.38, p.13825, 2013.
DOI : 10.1145/2541228.2555295
, Frama-C: A software analysis perspective, Formal Aspects of Computing, vol.12, issue.1???2, pp.165-179, 2015.
DOI : 10.1007/11408901_21
, A Lesson on Runtime Assertion Checking with Frama-C, International Conference on Runtime Verication, p.386399, 2013.
DOI : 10.1007/978-3-642-40787-1_29
, Automata-based condentiality monitoring, Proceedings of the 11th Asian Computing Science Conference on Advances in Computer Science: Secure Software and Related Issues . ASIAN'06, 2007.
, Cache missing for fun and prot, 2005.
, Dynamic vs. static ow-sensitive security analysis, Computer Security Foundations Symposium (CSF), pp.23-186199, 2010.
, Pointer Analysis, Foundations and Trends?? in Programming Languages, vol.2, issue.1, p.169, 2015.
DOI : 10.1561/2500000014
, A sound type system for secure ow analysis, J. Comput. Secur, vol.4, issue.2-3, p.167187, 1996.
, Shadow State Encoding for Ecient Monitoring of Block-level Properties Submitted for publication
, Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks, Proceedings of the 15th Conference on USENIX Security Symposium -Volume 15. USENIX-SS'06, USENIX Association, 2006.