{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T13:04:32Z","timestamp":1726059872287},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030356521"},{"type":"electronic","value":"9783030356538"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-35653-8_27","type":"book-chapter","created":{"date-parts":[[2019,11,22]],"date-time":"2019-11-22T13:02:59Z","timestamp":1574427779000},"page":"399-410","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A Method to Enhance the Security Capability of Python IDE"],"prefix":"10.1007","author":[{"given":"Vinh","family":"Pham","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Namuk","family":"Kim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eunil","family":"Seo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jun Suk","family":"Ha","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tai-Myoung","family":"Chung","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,11,20]]},"reference":[{"key":"27_CR1","unstructured":"OWASP Homepage. \nhttps:\/\/www.owasp.org"},{"key":"27_CR2","unstructured":"Cwe\/sans top 25 most dangerous software errors (2011). \nhttp:\/\/www.sans.org\/top25-software-errors\/"},{"key":"27_CR3","unstructured":"2011 Trustwave Global Security Report. \nhttps:\/\/www.trustwave.com"},{"key":"27_CR4","unstructured":"Python 3 - CGI Programming. \nhttps:\/\/www.tutorialspoint.com"},{"key":"27_CR5","unstructured":"Stack Overflow\u2019s annual Developer Survey (2019). \nhttps:\/\/insights.stackoverflow.com\/survey\/2019#most-popular-technologies"},{"key":"27_CR6","unstructured":"JetBrains Python Developers Survey (2018). \nhttps:\/\/www.jetbrains.com\/research\/python-developers-survey-2018\/"},{"key":"27_CR7","doi-asserted-by":"crossref","unstructured":"Juillerat, N.: Enforcing code security in database web applications using libraries and object models. In: Proceedings of the 2007 Symposium on Library-Centric Software Design, pp. 31\u201341. ACM (2007)","DOI":"10.1145\/1512762.1512766"},{"key":"27_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"182","DOI":"10.1007\/978-3-642-29420-4_12","volume-title":"Formal Aspects of Security and Trust","author":"R Grabowski","year":"2012","unstructured":"Grabowski, R., Hofmann, M., Li, K.: Type-based enforcement of secure programming guidelines \u2014 code injection prevention at SAP. In: Barthe, G., Datta, A., Etalle, S. (eds.) FAST 2011. LNCS, vol. 7140, pp. 182\u2013197. Springer, Heidelberg (2012). \nhttps:\/\/doi.org\/10.1007\/978-3-642-29420-4_12"},{"key":"27_CR9","doi-asserted-by":"crossref","unstructured":"Kals, S., Kirda, E., Kruegel, C., Jovanovic, N.: SecuBat: a web vulnerability scanner. In: Proceedings of the 15th International Conference on World Wide Web, pp. 247\u2013256. ACM (2006)","DOI":"10.1145\/1135777.1135817"},{"issue":"10","key":"27_CR10","doi-asserted-by":"publisher","first-page":"1767","DOI":"10.1016\/j.infsof.2013.04.002","volume":"55","author":"LK Shar","year":"2013","unstructured":"Shar, L.K., Tan, H.B.K.: Predicting SQL injection and cross site scripting vulnerabilities through mining input sanitization patterns. Inf. Softw. Technol. 55(10), 1767\u20131780 (2013)","journal-title":"Inf. Softw. Technol."},{"issue":"1","key":"27_CR11","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1145\/1111320.1111070","volume":"41","author":"Z Su","year":"2006","unstructured":"Su, Z., Wassermann, G.: The essence of command injection attacks in web applications. ACM SIGPLAN Not. 41(1), 372\u2013382 (2006)","journal-title":"ACM SIGPLAN Not."},{"key":"27_CR12","doi-asserted-by":"crossref","unstructured":"Johns, M., Engelmann, B., Posegga, J.: XSSDS: server-side detection of cross-site scripting attacks. In: 2008 Annual Computer Security Applications Conference (ACSAC), pp. 335\u2013344. IEEE (2008)","DOI":"10.1109\/ACSAC.2008.36"},{"key":"27_CR13","doi-asserted-by":"crossref","unstructured":"Fulton, N., Omar, C., Aldrich, J.: Statically typed string sanitation inside a Python. In: Proceedings of the 2014 International Workshop on Privacy & Security in Programming. ACM (2014)","DOI":"10.1145\/2687148.2687152"},{"key":"27_CR14","unstructured":"Micheelsen, S., Thalmann, B.: A static analysis tool for detecting security vulnerabilities in python web applications (2016)"},{"key":"27_CR15","doi-asserted-by":"crossref","unstructured":"Giannopoulos, L., et al.: Pythia: identifying dangerous data-flows in Django-based applications. EuroSec@ EuroSys (2019)","DOI":"10.1145\/3301417.3312497"},{"key":"27_CR16","unstructured":"Johns, M.: Towards practical prevention of code injection vulnerabilities on the programming language level (2007)"},{"key":"27_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1007\/978-3-642-11747-3_8","volume-title":"Engineering Secure Software and Systems","author":"M Johns","year":"2010","unstructured":"Johns, M., Beyerlein, C., Giesecke, R., Posegga, J.: Secure code generation for web applications. In: Massacci, F., Wallach, D., Zannone, N. (eds.) ESSoS 2010. LNCS, vol. 5965, pp. 96\u2013113. Springer, Heidelberg (2010). \nhttps:\/\/doi.org\/10.1007\/978-3-642-11747-3_8"},{"issue":"5","key":"27_CR18","first-page":"256","volume":"53","author":"M Johns","year":"2011","unstructured":"Johns, M.: Code-injection vulnerabilities in web applications \u2014 exemplified at cross-site scripting. IT Inf. Technol. Methoden Innov. Anwend. Inform. Inf. 53(5), 256\u2013260 (2011)","journal-title":"IT Inf. Technol. Methoden Innov. Anwend. Inform. Inf."}],"container-title":["Lecture Notes in Computer Science","Future Data and Security Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-35653-8_27","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,22]],"date-time":"2019-11-22T13:09:54Z","timestamp":1574428194000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-35653-8_27"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030356521","9783030356538"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-35653-8_27","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"20 November 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FDSE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Future Data and Security Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nha Trang City","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Vietnam","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 November 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 November 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fdse2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/fdse.hcmut.edu.vn\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}