Oracle

Oracle Labs
People
Francois Gauthier

Francois Gauthier

Francois Gauthier - Principal Researcher

François Gauthier is a Principal Researcher for Oracle Labs, working in the Program Analysis Group. He is currently developing next-gen dynamic security analyses for Node.js applications.

His main research interests focus on scalable program analysis, including static and dynamic analysis, software testing and program comprehension. His research interests also include software engineering, machine learning and bioinformatics.

Education:

* PhD Computer Engineering 2014, University of Montreal, Canada

* MSc Bioinformatics 2007, University of Montreal, Canada

* BSc Bioinformatics 2005, University of Montreal, Canada

Publications
Patents

Affogato: Runtime Detection of Injection Attacks for Node.js
Francois Gauthier, Behnaz Hassanshahi, Alexander Jordan, International Workshop on the State Of the Art in Program Analysis (SOAP) 2018

SAFE-PDF: Robust Detection of PDF Malware Using Abstract Interpretation
Francois Gauthier, Alexander Jordan, Behnaz Hassanshahi, arXiv.org (arXiv.org is a highly-automated electronic archive and distribution server for research articles. It is maintained and operated by the Cornell University Library with guidance from the arXiv Scientific Advisory Board and the arXiv Member Advisory Board, and with the help of numerous subject moderators.)

SOAP 2018 Presentation: Affogato: Runtime Detection of Injection Attacks for Node.js
Behnaz Hassanshahi, Francois Gauthier, Alexander Jordan, 7th International Workshop on the State Of the Art in Program Analysis (SOAP) 2018

Scalable Static Analysis to Detect Security Vulnerabilities: Challenges and Solutions
Nathan Keynes, Francois Gauthier, Padmanabhan Krishnan, Diane Corney, Nicholas Allen, IEEE SecDev (Practitioners Session) https://secdev.ieee.org/2018/papers/#psa

Combining String Abstract Domains for JavaScript Analysis - An Evaluation.
Roberto Amadini, Alexander Jordan, Graeme Gange, François Gauthier, Peter Schachte, Harald Søndergaard, Peter J. Stuckey, Chenyi Zhang, TACAS

JSPChecker: Static Detection of Context-Sensitive Cross-Site Scripting Flaws in Legacy Web Applications
Antonin Steinhauser, Francois Gauthier, 2016 ACM Workshop on Programming Languages and Analysis for Security

Evolutionary analysis of access control models: a formal concept analysis method
Zhuobing Han, Mathieu Mérineau, Francois Gauthier, Ettore Merlo, Xiaohong Li, Eleni Stroulia, CASCON 2015:5pp.

Supporting Maintenance and Evolution of Access Control Models in Web Applications
Francois Gauthier, Ettore Merlo, Eleni Stroulia, David Turner, ICSME 2014:5pp.

Semantic smells and errors in access control models: A case study in PHP
Francois Gauthier, Ettore Merlo, ICSE 2013:1169-1172

Uncovering access control weaknesses and flaws with security-discordant software clones
Francois Gauthier, Thierry Lavoie, Ettore Merlo, ACSAC 2013:209-218

Alias-aware propagation of simple pattern-based properties in PHP applications
Francois Gauthier, Ettore Merlo, SCAM 2012:44-53

Fast detection of access control vulnerabilities in PHP applications
Francois Gauthier, Ettore Merlo, WCRE 2012:247-256

Investigation of Access Control Models with Formal Concept Analysis: A Case Study
Francois Gauthier, Ettore Merlo, CSMR 2012:397-402

Targeted genetic test SQL generation for the DB2 database
Dominic Letarte, Francois Gauthier, Ettore Merlo, Nattavut Sutyanyong, Calisto Zuzarte, DBTest 2012:5pp.

Extraction and comprehension of Moodle's access control model: A case study
Francois Gauthier, Dominic Letarte, Thierry Lavoie, Ettore Merlo, PST 2011:44-51

Security model evolution of PHP web applications
Dominic Letarte, Francois Gauthier, Ettore Merlo, ICST 2011:289-298
No patents found.

About Oracle Labs

Projects

Team

Research Centers

External Research Office

All News

Francois Gauthier

Hardware and Software, Engineered to Work Together