{"id":"https://openalex.org/W3142457714","doi":"https://doi.org/10.1109/icse.2012.6227124","title":"Verifying client-side input validation functions using string analysis","display_name":"Verifying client-side input validation functions using string analysis","publication_year":2012,"publication_date":"2012-06-01","ids":{"openalex":"https://openalex.org/W3142457714","doi":"https://doi.org/10.1109/icse.2012.6227124","mag":"3142457714"},"language":"en","primary_location":{"id":"doi:10.1109/icse.2012.6227124","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icse.2012.6227124","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2012 34th International Conference on Software Engineering (ICSE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014747638","display_name":"Muath Alkhalaf","orcid":null},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Muath Alkhalaf","raw_affiliation_strings":["Computer Science Department, University of California, Santa Barbara, CA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Computer Science Department, University of California, Santa Barbara, CA, USA","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039991493","display_name":"Tevfik Bultan","orcid":"https://orcid.org/0000-0003-2993-1215"},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tevfik Bultan","raw_affiliation_strings":["Computer Science Department, University of California, Santa Barbara, CA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Computer Science Department, University of California, Santa Barbara, CA, USA","institution_ids":["https://openalex.org/I154570441"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5110120970","display_name":"Jos\u00e9 Luis de la Cruz Gallegos","orcid":null},"institutions":[{"id":"https://openalex.org/I154570441","display_name":"University of California, Santa Barbara","ror":"https://ror.org/02t274463","country_code":"US","type":"education","lineage":["https://openalex.org/I154570441"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jose L. Gallegos","raw_affiliation_strings":["Computer Science Department, University of California, Santa Barbara, CA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Computer Science Department, University of California, Santa Barbara, CA, USA","institution_ids":["https://openalex.org/I154570441"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.4698,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.89505647,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"947","last_page":"957"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.983299970626831,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8435197472572327},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.7481313347816467},{"id":"https://openalex.org/keywords/client-side","display_name":"Client-side","score":0.6455324292182922},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5895072817802429},{"id":"https://openalex.org/keywords/slicing","display_name":"Slicing","score":0.567401111125946},{"id":"https://openalex.org/keywords/string","display_name":"String (physics)","score":0.5604899525642395},{"id":"https://openalex.org/keywords/function","display_name":"Function (biology)","score":0.5305324792861938},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5104714632034302},{"id":"https://openalex.org/keywords/regular-expression","display_name":"Regular expression","score":0.4976959526538849},{"id":"https://openalex.org/keywords/computation","display_name":"Computation","score":0.4900773763656616},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.4480019509792328},{"id":"https://openalex.org/keywords/automaton","display_name":"Automaton","score":0.4286016821861267},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3964165449142456},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.38277798891067505},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3767991364002228},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.3701649308204651},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1437370777130127},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.10190117359161377},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.08931800723075867}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8435197472572327},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.7481313347816467},{"id":"https://openalex.org/C202477664","wikidata":"https://www.wikidata.org/wiki/Q1352449","display_name":"Client-side","level":2,"score":0.6455324292182922},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5895072817802429},{"id":"https://openalex.org/C2776190703","wikidata":"https://www.wikidata.org/wiki/Q488148","display_name":"Slicing","level":2,"score":0.567401111125946},{"id":"https://openalex.org/C157486923","wikidata":"https://www.wikidata.org/wiki/Q1376436","display_name":"String (physics)","level":2,"score":0.5604899525642395},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.5305324792861938},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5104714632034302},{"id":"https://openalex.org/C121329065","wikidata":"https://www.wikidata.org/wiki/Q185612","display_name":"Regular expression","level":2,"score":0.4976959526538849},{"id":"https://openalex.org/C45374587","wikidata":"https://www.wikidata.org/wiki/Q12525525","display_name":"Computation","level":2,"score":0.4900773763656616},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.4480019509792328},{"id":"https://openalex.org/C112505250","wikidata":"https://www.wikidata.org/wiki/Q787116","display_name":"Automaton","level":2,"score":0.4286016821861267},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3964165449142456},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.38277798891067505},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3767991364002228},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.3701649308204651},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1437370777130127},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.10190117359161377},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.08931800723075867},{"id":"https://openalex.org/C78458016","wikidata":"https://www.wikidata.org/wiki/Q840400","display_name":"Evolutionary biology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C37914503","wikidata":"https://www.wikidata.org/wiki/Q156495","display_name":"Mathematical physics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icse.2012.6227124","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icse.2012.6227124","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2012 34th International Conference on Software Engineering (ICSE)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320321145","display_name":"King Saud University","ror":"https://ror.org/02f81g417"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W1561331110","https://openalex.org/W1575308494","https://openalex.org/W1952344271","https://openalex.org/W2000974833","https://openalex.org/W2008158744","https://openalex.org/W2094568767","https://openalex.org/W2096854577","https://openalex.org/W2103660000","https://openalex.org/W2107604680","https://openalex.org/W2110318050","https://openalex.org/W2132733485","https://openalex.org/W2134646643","https://openalex.org/W2138124253","https://openalex.org/W2142504844","https://openalex.org/W2157623558","https://openalex.org/W2162720432","https://openalex.org/W2405282478","https://openalex.org/W4232808412","https://openalex.org/W4240309233","https://openalex.org/W6633642553","https://openalex.org/W6638271993","https://openalex.org/W6656022013","https://openalex.org/W6675428106","https://openalex.org/W6679363136","https://openalex.org/W6713211458"],"related_works":["https://openalex.org/W1566603754","https://openalex.org/W2290206096","https://openalex.org/W2949337025","https://openalex.org/W2527850347","https://openalex.org/W2148261527","https://openalex.org/W2943523602","https://openalex.org/W3027385388","https://openalex.org/W2584011092","https://openalex.org/W2621181330","https://openalex.org/W2085515337"],"abstract_inverted_index":{"Client-side":[0],"computation":[1,22],"in":[2,188,191],"web":[3,168],"applications":[4,169,200],"is":[5,23,130,147,186],"becoming":[6],"increasingly":[7],"common":[8],"due":[9],"to":[10,26,39,59,160,175],"the":[11,40,77,84,93,96,103,122,134,139,150,163,177],"popularity":[12],"of":[13,86,105,119],"powerful":[14],"client-side":[15,54],"programming":[16],"languages":[17],"such":[18],"as":[19],"JavaScript.":[20,208],"Clientside":[21],"commonly":[24],"used":[25],"improve":[27],"an":[28,47,127,144],"application's":[29],"responsiveness":[30],"by":[31,133,149],"validating":[32],"user":[33],"inputs":[34,87,106],"before":[35],"they":[36],"are":[37,69],"sent":[38],"server.":[41],"In":[42,63],"this":[43],"paper,":[44],"we":[45,114,196],"present":[46],"analysis":[48,113,156,174],"technique":[49],"for":[50,83,102,206],"checking":[51],"if":[52],"a":[53,60],"input":[55,66,123,128,140,145,164,192],"validation":[56,67,124,141,165,193],"function":[57,125,142],"conforms":[58],"given":[61],"policy.":[62,152],"our":[64,112,155,184],"approach,":[65],"policies":[68],"expressed":[70],"using":[71,157,171],"two":[72,117],"regular":[73],"expressions,":[74],"one":[75],"specifying":[76,95],"maximum":[78,135],"policy":[79,98],"(the":[80,99],"upper":[81],"bound":[82,101],"set":[85,104],"that":[88,107,129,146,183,195],"should":[89,108],"be":[90,109],"allowed)":[91],"and":[92,170,201,204],"other":[94],"minimum":[97,151],"lower":[100],"allowed).":[110],"Using":[111],"can":[115],"identify":[116],"types":[118],"errors":[120,190],"1)":[121],"accepts":[126],"not":[131],"permitted":[132,148],"policy,":[136],"or":[137],"2)":[138],"rejects":[143],"We":[153],"implemented":[154],"dynamic":[158],"slicing":[159],"automatically":[161],"extract":[162],"functions":[166,194],"from":[167,198,202],"automata-based":[172],"string":[173],"analyze":[176],"extracted":[178],"functions.":[179],"Our":[180],"experiments":[181],"demonstrate":[182],"approach":[185],"effective":[187],"finding":[189],"collected":[197],"real-world":[199],"tutorials":[203],"books":[205],"teaching":[207]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2015,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}