{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,30]],"date-time":"2025-05-30T05:44:18Z","timestamp":1748583858410},"reference-count":24,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,6]]},"DOI":"10.1109\/icse.2012.6227124","type":"proceedings-article","created":{"date-parts":[[2012,7,9]],"date-time":"2012-07-09T21:24:04Z","timestamp":1341869044000},"page":"947-957","source":"Crossref","is-referenced-by-count":11,"title":["Verifying client-side input validation functions using string analysis"],"prefix":"10.1109","author":[{"given":"Muath","family":"Alkhalaf","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tevfik","family":"Bultan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jose L.","family":"Gallegos","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","doi-asserted-by":"publisher","DOI":"10.1145\/1858996.1859019"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-12002-2_13"},{"key":"17","article-title":"Flax: Systematic discovery of client-side validation vulnerabilities in rich web applications","author":"saxena","year":"0","journal-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS) 2010"},{"key":"23","first-page":"306","article-title":"Symbolic string verification: An automata-based approach","author":"yu","year":"2008","journal-title":"SPIN"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1109\/TAIC.PART.2007.34"},{"key":"24","first-page":"290","article-title":"Relational string verifi- cation using multi-track automata","author":"yu","year":"2010","journal-title":"CIAA"},{"journal-title":"Rhino JavaScript for Java","year":"0","key":"15"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.38"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1145\/1060745.1060809"},{"journal-title":"Head First JavaScript","year":"2007","author":"morrison","key":"14"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1145\/1572272.1572286"},{"journal-title":"PEX","year":"0","key":"12"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250739"},{"key":"3","first-page":"1","article-title":"Precise analysis of string expressions","author":"christensen","year":"2003","journal-title":"SAS"},{"journal-title":"A Survey of Program Slicing Techniques","year":"1994","author":"tip","key":"20"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866375"},{"key":"1","doi-asserted-by":"crossref","first-page":"321","DOI":"10.1007\/978-3-540-27813-9_25","article-title":"Widening arithmetic automata","author":"bartzis","year":"2004","journal-title":"Computer Aided Verification04"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1145\/1368088.1368112"},{"journal-title":"Closure Compiler","year":"0","key":"7"},{"journal-title":"HtmlUnit Headless Browser for Testing Web Applications","year":"0","key":"6"},{"key":"5","first-page":"87","article-title":"A static analysis framework for detecting sql injection vulnerabilities","author":"fu","year":"2007","journal-title":"COMPSAC"},{"key":"4","first-page":"131","article-title":"Patching vulnerabilities with sanitization synthesis","author":"fang yu","year":"2011","journal-title":"International Conference on Software Engineering (ICSE)"},{"key":"9","first-page":"151","article-title":"Gatekeeper: Mostly static enforcement of security and reliability policies for javascript code","author":"guarnieri","year":"2009","journal-title":"Proceedings of the 18th Conference on USENIX Security Symposium SSYM'09"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2004.1317486"}],"event":{"name":"2012 34th International Conference on Software Engineering (ICSE 2012)","start":{"date-parts":[[2012,6,2]]},"location":"Zurich","end":{"date-parts":[[2012,6,9]]}},"container-title":["2012 34th International Conference on Software Engineering (ICSE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/6218989\/6227015\/06227124.pdf?arnumber=6227124","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,20]],"date-time":"2017-06-20T21:08:08Z","timestamp":1497992888000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6227124\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,6]]},"references-count":24,"URL":"https:\/\/doi.org\/10.1109\/icse.2012.6227124","relation":{},"subject":[],"published":{"date-parts":[[2012,6]]}}}