JSPChecker: Static Detection of Context-Sensitive Cross-Site Scripting Flaws in Legacy Web Applications
Antonin Steinhauser, Francois Gauthier, 2016 ACM Workshop on Programming Languages and Analysis for Security

Evolutionary analysis of access control models: a formal concept analysis method
Zhuobing Han, Mathieu Mérineau, Francois Gauthier, Ettore Merlo, Xiaohong Li, Eleni Stroulia, CASCON 2015:5pp.

Supporting Maintenance and Evolution of Access Control Models in Web Applications
Francois Gauthier, Ettore Merlo, Eleni Stroulia, David Turner, ICSME 2014:5pp.

Semantic smells and errors in access control models: A case study in PHP
Francois Gauthier, Ettore Merlo, ICSE 2013:1169-1172

Uncovering access control weaknesses and flaws with security-discordant software clones
Francois Gauthier, Thierry Lavoie, Ettore Merlo, ACSAC 2013:209-218

Alias-aware propagation of simple pattern-based properties in PHP applications
Francois Gauthier, Ettore Merlo, SCAM 2012:44-53

Fast detection of access control vulnerabilities in PHP applications
Francois Gauthier, Ettore Merlo, WCRE 2012:247-256

Investigation of Access Control Models with Formal Concept Analysis: A Case Study
Francois Gauthier, Ettore Merlo, CSMR 2012:397-402

Targeted genetic test SQL generation for the DB2 database
Dominic Letarte, Francois Gauthier, Ettore Merlo, Nattavut Sutyanyong, Calisto Zuzarte, DBTest 2012:5pp.

Extraction and comprehension of Moodle's access control model: A case study
Francois Gauthier, Dominic Letarte, Thierry Lavoie, Ettore Merlo, PST 2011:44-51

Security model evolution of PHP web applications
Dominic Letarte, Francois Gauthier, Ettore Merlo, ICST 2011:289-298

Static Detection Of Context-Sensitive Cross-Site Scripting Vulnerabilities
(Jun 18, 2019)