{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,6]],"date-time":"2024-09-06T12:55:00Z","timestamp":1725627300296},"publisher-location":"Berlin, Heidelberg","reference-count":24,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642245794"},{"type":"electronic","value":"9783642245800"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-24580-0_7","type":"book-chapter","created":{"date-parts":[[2011,11,2]],"date-time":"2011-11-02T06:21:42Z","timestamp":1320214902000},"page":"80-96","source":"Crossref","is-referenced-by-count":7,"title":["Using Testing Techniques for Vulnerability Detection in C Programs"],"prefix":"10.1007","author":[{"given":"Amel","family":"Mammar","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ana","family":"Cavalli","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Willy","family":"Jimenez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wissam","family":"Mallouli","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Edgardo Montes","family":"de Oca","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"7_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"150","DOI":"10.1007\/978-3-540-30232-2_10","volume-title":"Formal Techniques for Networked and Distributed Systems \u2013 FORTE 2004","author":"B. Alcalde","year":"2004","unstructured":"Alcalde, B., Cavalli, A.R., Chen, D., Khuu, D., Lee, D.: Network Protocol System Passive Testing for Fault Management: A Backward Checking Approach. In: de Frutos-Escrig, D., N\u00fa\u00f1ez, M. (eds.) FORTE 2004. LNCS, vol.\u00a03235, pp. 150\u2013166. Springer, Heidelberg (2004)"},{"key":"7_CR2","doi-asserted-by":"crossref","unstructured":"Balzarotti, D., Cova, M., Jovanovic, N., Kirda, E., Kruegel, C., Vigna, G.: Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications. In: IEEE Symposium on Security & Privacy, pp. 387\u2013401 (2008)","DOI":"10.1109\/SP.2008.22"},{"key":"7_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1007\/978-3-642-22110-1_13","volume-title":"Computer Aided Verification","author":"S. Bardin","year":"2011","unstructured":"Bardin, S., Herrmann, P., Leroux, J., Ly, O., Tabary, R., Vincent, A.: The BINCOA Framework for Binary Code Analysis. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol.\u00a06806, pp. 165\u2013170. Springer, Heidelberg (2011)"},{"issue":"2","key":"7_CR4","first-page":"247","volume":"48","author":"E. Bayse","year":"2005","unstructured":"Bayse, E., Cavalli, A., N\u00fanez, M., Zaidi, F.: A Passive Testing Approach Based on Invariants: Application to the Wap. Computer Networks and ISDN Systems\u00a048(2), 247\u2013266 (2005)","journal-title":"Computer Networks and ISDN Systems"},{"issue":"12","key":"7_CR5","doi-asserted-by":"publisher","first-page":"837","DOI":"10.1016\/S0950-5849(03)00063-6","volume":"45","author":"A.R. Cavalli","year":"2003","unstructured":"Cavalli, A.R., Gervy, C., Prokopenko, S.: New Approaches for Passive Testing using an Extended Finite State Machine Specification. Information & Software Technology\u00a045(12), 837\u2013852 (2003)","journal-title":"Information & Software Technology"},{"key":"7_CR6","doi-asserted-by":"crossref","unstructured":"Cavalli, A.R., Vieira, D.: An Enhanced Passive Testing Approach for Network Protocols. In: ICN, ICONS, MCL, pp. 169\u2013169 (2006)","DOI":"10.1109\/ICNICONSMCL.2006.50"},{"key":"7_CR7","unstructured":"CERT Coordination Center. CERT\/CC statistics (accessed October 2007)"},{"issue":"1","key":"7_CR8","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1016\/j.istr.2008.02.003","volume":"13","author":"B. Chess","year":"2008","unstructured":"Chess, B., West, J.: Dynamic Taint Propagation: Finding Vulnerabilities without Attacking. Information Security Technical Report\u00a013(1), 33\u201339 (2008)","journal-title":"Information Security Technical Report"},{"key":"7_CR9","unstructured":"Coverity. Prevent (accessed September 2008)"},{"key":"7_CR10","unstructured":"Du, W., Mathur, A.: Vulnerability Testing of Software System using Fault Injection. In: Proceedings of the International Conference on Dependable Systems and Networks (DSN 2000), Workshop on Dependability Versis Malicious Faults (2000)"},{"issue":"2","key":"7_CR11","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1109\/MSP.2010.117","volume":"9","author":"S. Fenz","year":"2011","unstructured":"Fenz, S., Ekelhart, A.: Verification, Validation, and Evaluation in Information Security Risk Management. IEEE Security and Privacy (IEEESP)\u00a09(2), 58\u201365 (2011)","journal-title":"IEEE Security and Privacy (IEEESP)"},{"key":"7_CR12","unstructured":"Fortify Software. Fortify SCA (accessed September 2008)"},{"key":"7_CR13","doi-asserted-by":"crossref","unstructured":"Hadjidj, R., Yang, X., Tlili, S., Debbabi, M.: Model Checking for Software Vulnerabilities Detection with Multi-Language Support. In: Sixth Annual Conference on Privacy, Security and Trust, pp. 133\u2013142 (2008)","DOI":"10.1109\/PST.2008.21"},{"key":"7_CR14","doi-asserted-by":"crossref","unstructured":"Howard, M.: Inside the Windows Security Push. In: IEEE Symposium on Security & Privacy, pp. 57\u201361 (2003)","DOI":"10.1109\/MSECP.2003.1176996"},{"key":"7_CR15","unstructured":"Klocwork. K7 (accessed September 2008)"},{"key":"7_CR16","first-page":"218","volume-title":"ISP 2006: Proceedings of the 5th WSEAS International Conference on Information Security and Privacy","author":"C. Kuang","year":"2006","unstructured":"Kuang, C., Miao, Q., Chen, H.: Analysis of Software Vulnerability. In: ISP 2006: Proceedings of the 5th WSEAS International Conference on Information Security and Privacy, pp. 218\u2013223. World Scientific and Engineering Academy and Society (WSEAS), Stevens Point (2006)"},{"key":"7_CR17","volume-title":"Proceedings of the 1997 International Conference on Network Protocols (ICNP 1997)","author":"D. Lee","year":"1997","unstructured":"Lee, D., Netravali, A.N., Sabnani, K.K., Sugla, B., John, A.: Passive Testing and Applications to Network Management. In: Proceedings of the 1997 International Conference on Network Protocols (ICNP 1997). IEEE Computer Society, Washington, DC (1997)"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Mallouli, W., Bessayah, F., Cavalli, A., Benameur, A.: Security Rules Specification and Analysis Based on Passive Testing. In: The IEEE Global Communications Conference, GLOBECOM 2008 (2008)","DOI":"10.1109\/GLOCOM.2008.ECP.400"},{"key":"7_CR19","first-page":"277","volume-title":"Advanced Simulation Technologies Conference (ASTC)","author":"R.E. Miller","year":"2001","unstructured":"Miller, R.E., Arisha, K.A.: Fault Identification in Networks by Passive Testing. In: Advanced Simulation Technologies Conference (ASTC), pp. 277\u2013284. IEEE Computer Society, Los Alamitos (2001)"},{"key":"#cr-split#-7_CR20.1","unstructured":"Redwine, S., Davis, N.: Processes to Produce Secure Software (2004);"},{"key":"#cr-split#-7_CR20.2","unstructured":"Task Force on Security Across the Software Development Lifecycle, Appendix A"},{"key":"7_CR21","unstructured":"SHIELDS: Detecting Known Security Vulnerabilities from within Design and Development Tools. D1.4 Final SHIELDS approach guide"},{"key":"7_CR22","doi-asserted-by":"crossref","unstructured":"Thompson, H.: Application of Penetration Testing. In: IEEE Symposium on Security & Privacy, pp. 66\u201369 (2005)","DOI":"10.1109\/MSP.2005.3"},{"key":"7_CR23","doi-asserted-by":"crossref","unstructured":"Wang, L., Zhang, Q., Zhao, P.: Automated Detection of Code Vulnerabilities Based on Program Analysis and Model Checking. In: Eighth IEEE International Working Conference on Source Code Analysis and Manipulation, pp. 165\u2013173 (2008)","DOI":"10.1109\/SCAM.2008.24"}],"container-title":["Lecture Notes in Computer Science","Testing Software and Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-24580-0_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,4,14]],"date-time":"2019-04-14T16:18:09Z","timestamp":1555258689000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-24580-0_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642245794","9783642245800"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-24580-0_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}