{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T03:08:08Z","timestamp":1769915288116,"version":"3.49.0"},"reference-count":20,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009,5]]},"DOI":"10.1109\/iwsess.2009.5068455","type":"proceedings-article","created":{"date-parts":[[2009,6,10]],"date-time":"2009-06-10T10:55:45Z","timestamp":1244631345000},"page":"25-32","source":"Crossref","is-referenced-by-count":21,"title":["A hybrid analysis framework for detecting web application vulnerabilities"],"prefix":"10.1109","author":[{"given":"Mattia","family":"Monga","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Roberto","family":"Paleari","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Emanuele","family":"Passerini","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1984.5010248"},{"key":"17","article-title":"symantec inc","year":"2008","journal-title":"Symantec internet security threat report Volume XIII"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250739"},{"key":"15","year":"0","journal-title":"Perl documentation perlsec"},{"key":"16","article-title":"defending against injection attacks through context-sensitive string evaluation","author":"pietraszek","year":"2005","journal-title":"In Recent Advances in Intrusion Detection (RAID)"},{"key":"13","year":"0"},{"key":"14","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-03811-6"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1145\/1134744.1134751"},{"key":"12","article-title":"pixy: a static analysis tool for detecting web application vulnerabilities (short paper)","author":"jovanovic","year":"2006","journal-title":"IEEE Symposium on Security and Privacy"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.22"},{"key":"20","article-title":"static detection of security vulnerabilities in scripting languages","author":"xie","year":"2006","journal-title":"Proceedings of the 15th conference on USENIX Security Symposium"},{"key":"2","doi-asserted-by":"publisher","DOI":"10.1145\/390013.808479"},{"key":"1","year":"1986","journal-title":"Principles Techniques and Tools"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1145\/988672.988679"},{"key":"7","article-title":"a dynamic technique for enhancing the security and privacy of web applications","author":"futoransky","year":"2007","journal-title":"Black Hat USA"},{"key":"6","article-title":"static and dynamic analysis: synergy and duality","author":"ernst","year":"2003","journal-title":"WODA 2003 ICSE Workshop on Dynamic Analysis"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-72912-9_13"},{"key":"4","year":"2002","journal-title":"Advisory CA-2000-02 Malicious HTML Tags Embedded in Client Web Requests"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1145\/53990.53994"},{"key":"8","article-title":"a classification of sql-injection attacks and countermeasures","author":"halfond","year":"2006","journal-title":"Proceedings of the IEEE International Symposium on Secure Software Engineering"}],"event":{"name":"2009 ICSE Workshop on Software Engineering for Secure Systems (SESS)","location":"Vancouver, BC, Canada","start":{"date-parts":[[2009,5,19]]},"end":{"date-parts":[[2009,5,19]]}},"container-title":["2009 ICSE Workshop on Software Engineering for Secure Systems"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/5054533\/5068439\/05068455.pdf?arnumber=5068455","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,17]],"date-time":"2017-03-17T13:15:50Z","timestamp":1489756550000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/5068455\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,5]]},"references-count":20,"URL":"https:\/\/doi.org\/10.1109\/iwsess.2009.5068455","relation":{},"subject":[],"published":{"date-parts":[[2009,5]]}}}