Trade-offs in managing risk and technical debt in industrial research labs - an experience report.
François Gauthier, Alexander Jordan, Padmanabhan Krishnan, Behnaz Hassanshahi, Jörn Guy Süß, Sora Bae, Hyunjun Lee, TechDebt@ICSE
Nodest - feedback-driven static analysis of Node.js applications.
Benjamin Barslev Nielsen, Behnaz Hassanshahi, François Gauthier, ESEC/SIGSOFT FSE
Vandal: A scalable security analysis framework for smart contracts
Anton Jurisevic, Bernhard Scholz, Eric Liu, Francois Gauthier, Lexi Brent, Michael Kong, Ralph Holz, Vincent Gramoli, arXiv
AFFOGATO - runtime detection of injection attacks for Node.js.
François Gauthier, Behnaz Hassanshahi, Alexander Jordan, ISSTA/ECOOP Workshops
Driver Generation for Java EE Web Applications.
Jens Dietrich, François Gauthier, Padmanabhan Krishnan, ASWEC
Reference Abstract Domains and Applications to String Analysis.
Roberto Amadini, Graeme Gange, François Gauthier, Alexander Jordan, Peter Schachte, Harald Søndergaard, Peter J. Stuckey, Chenyi Zhang, Fundam. Informaticae
Reference Abstract Domains and Applications to String Analysis.
Roberto Amadini, Graeme Gange, François Gauthier, Alexander Jordan, Peter Schachte, Harald Søndergaard, Peter J. Stuckey, Chenyi Zhang, Fundam. Inform.
SAFE-PDF - Robust Detection of JavaScript PDF Malware Using Abstract Interpretation.
Alexander Jordan, François Gauthier, Behnaz Hassanshahi, David Zhao, CoRR
Scalable Static Analysis to Detect Security Vulnerabilities - Challenges and Solutions.
François Gauthier, Nathan Keynes, Nicholas Allen, Diane Corney, Padmanabhan Krishnan, SecDev
Combining String Abstract Domains for JavaScript Analysis - An Evaluation.
Roberto Amadini, Alexander Jordan, Graeme Gange, François Gauthier, Peter Schachte, Harald Søndergaard, Peter J. Stuckey, Chenyi Zhang, TACAS
JSPChecker: Static Detection of Context-Sensitive Cross-Site Scripting Flaws in Legacy Web Applications
Antonin Steinhauser, Francois Gauthier, 2016 ACM Workshop on Programming Languages and Analysis for Security
Evolutionary analysis of access control models: a formal concept analysis method
Zhuobing Han, Mathieu Mérineau, Francois Gauthier, Ettore Merlo, Xiaohong Li, Eleni Stroulia, CASCON 2015:5pp.
Supporting Maintenance and Evolution of Access Control Models in Web Applications
Francois Gauthier, Ettore Merlo, Eleni Stroulia, David Turner, ICSME 2014:5pp.
Semantic smells and errors in access control models: A case study in PHP
Francois Gauthier, Ettore Merlo, ICSE 2013:1169-1172
Uncovering access control weaknesses and flaws with security-discordant software clones
Francois Gauthier, Thierry Lavoie, Ettore Merlo, ACSAC 2013:209-218
Alias-aware propagation of simple pattern-based properties in PHP applications
Francois Gauthier, Ettore Merlo, SCAM 2012:44-53
Fast detection of access control vulnerabilities in PHP applications
Francois Gauthier, Ettore Merlo, WCRE 2012:247-256
Investigation of Access Control Models with Formal Concept Analysis: A Case Study
Francois Gauthier, Ettore Merlo, CSMR 2012:397-402
Targeted genetic test SQL generation for the DB2 database
Dominic Letarte, Francois Gauthier, Ettore Merlo, Nattavut Sutyanyong, Calisto Zuzarte, DBTest 2012:5pp.
Extraction and comprehension of Moodle's access control model: A case study
Francois Gauthier, Dominic Letarte, Thierry Lavoie, Ettore Merlo, PST 2011:44-51
Security model evolution of PHP web applications
Dominic Letarte, Francois Gauthier, Ettore Merlo, ICST 2011:289-298