{"id":"https://openalex.org/W2295791966","doi":"https://doi.org/10.1145/2837614.2837641","title":"String solving with word equations and transducers: towards a logic for analysing mutation XSS","display_name":"String solving with word equations and transducers: towards a logic for analysing mutation XSS","publication_year":2016,"publication_date":"2016-01-07","ids":{"openalex":"https://openalex.org/W2295791966","doi":"https://doi.org/10.1145/2837614.2837641","mag":"2295791966"},"language":"en","primary_location":{"id":"doi:10.1145/2837614.2837641","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2837614.2837641","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://repositorio.uchile.cl/handle/2250/140127","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5034129725","display_name":"Anthony W. Lin","orcid":"https://orcid.org/0000-0003-4715-5096"},"institutions":[{"id":"https://openalex.org/I3089745140","display_name":"Yale-NUS College","ror":"https://ror.org/04g9wch13","country_code":"SG","type":"education","lineage":["https://openalex.org/I3089745140"]}],"countries":["SG"],"is_corresponding":true,"raw_author_name":"Anthony W. Lin","raw_affiliation_strings":["Yale-NUS College, Singapore"],"affiliations":[{"raw_affiliation_string":"Yale-NUS College, Singapore","institution_ids":["https://openalex.org/I3089745140"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5051683347","display_name":"Pablo Barcel\u00f3","orcid":"https://orcid.org/0000-0003-2293-2653"},"institutions":[{"id":"https://openalex.org/I69737025","display_name":"University of Chile","ror":"https://ror.org/047gc3g35","country_code":"CL","type":"education","lineage":["https://openalex.org/I69737025"]}],"countries":["CL"],"is_corresponding":false,"raw_author_name":"Pablo Barcel\u00f3","raw_affiliation_strings":["University of Chile, Chile"],"affiliations":[{"raw_affiliation_string":"University of Chile, Chile","institution_ids":["https://openalex.org/I69737025"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5034129725"],"corresponding_institution_ids":["https://openalex.org/I3089745140"],"apc_list":null,"apc_paid":null,"fwci":16.6286,"has_fulltext":false,"cited_by_count":64,"citation_normalized_percentile":{"value":0.98962823,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"123","last_page":"136"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9957000017166138,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9901999831199646,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/decidability","display_name":"Decidability","score":0.9156728982925415},{"id":"https://openalex.org/keywords/string","display_name":"String (physics)","score":0.7024337649345398},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6979031562805176},{"id":"https://openalex.org/keywords/undecidable-problem","display_name":"Undecidable problem","score":0.6780419945716858},{"id":"https://openalex.org/keywords/fragment","display_name":"Fragment (logic)","score":0.6689691543579102},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.49659639596939087},{"id":"https://openalex.org/keywords/word","display_name":"Word (group theory)","score":0.4816397726535797},{"id":"https://openalex.org/keywords/automaton","display_name":"Automaton","score":0.4465736746788025},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.4423544108867645},{"id":"https://openalex.org/keywords/satisfiability","display_name":"Satisfiability","score":0.4329894185066223},{"id":"https://openalex.org/keywords/temporal-logic","display_name":"Temporal logic","score":0.426194965839386},{"id":"https://openalex.org/keywords/finite-state-machine","display_name":"Finite-state machine","score":0.4167783558368683},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3760572671890259},{"id":"https://openalex.org/keywords/discrete-mathematics","display_name":"Discrete mathematics","score":0.3307548761367798},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.2388342320919037}],"concepts":[{"id":"https://openalex.org/C153269930","wikidata":"https://www.wikidata.org/wiki/Q430001","display_name":"Decidability","level":2,"score":0.9156728982925415},{"id":"https://openalex.org/C157486923","wikidata":"https://www.wikidata.org/wiki/Q1376436","display_name":"String (physics)","level":2,"score":0.7024337649345398},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6979031562805176},{"id":"https://openalex.org/C192034797","wikidata":"https://www.wikidata.org/wiki/Q3502995","display_name":"Undecidable problem","level":3,"score":0.6780419945716858},{"id":"https://openalex.org/C2776235265","wikidata":"https://www.wikidata.org/wiki/Q18392052","display_name":"Fragment (logic)","level":2,"score":0.6689691543579102},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.49659639596939087},{"id":"https://openalex.org/C90805587","wikidata":"https://www.wikidata.org/wiki/Q10944557","display_name":"Word (group theory)","level":2,"score":0.4816397726535797},{"id":"https://openalex.org/C112505250","wikidata":"https://www.wikidata.org/wiki/Q787116","display_name":"Automaton","level":2,"score":0.4465736746788025},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.4423544108867645},{"id":"https://openalex.org/C168773769","wikidata":"https://www.wikidata.org/wiki/Q1350299","display_name":"Satisfiability","level":2,"score":0.4329894185066223},{"id":"https://openalex.org/C25016198","wikidata":"https://www.wikidata.org/wiki/Q781833","display_name":"Temporal logic","level":2,"score":0.426194965839386},{"id":"https://openalex.org/C167822520","wikidata":"https://www.wikidata.org/wiki/Q176452","display_name":"Finite-state machine","level":2,"score":0.4167783558368683},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3760572671890259},{"id":"https://openalex.org/C118615104","wikidata":"https://www.wikidata.org/wiki/Q121416","display_name":"Discrete mathematics","level":1,"score":0.3307548761367798},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.2388342320919037},{"id":"https://openalex.org/C37914503","wikidata":"https://www.wikidata.org/wiki/Q156495","display_name":"Mathematical physics","level":1,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/2837614.2837641","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2837614.2837641","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","raw_type":"proceedings-article"},{"id":"pmh:oai:ora.ox.ac.uk:uuid:0fd0b793-bdf5-4fa3-8e36-4e9144e4025e","is_oa":false,"landing_page_url":"https://ora.ox.ac.uk/objects/uuid:0fd0b793-bdf5-4fa3-8e36-4e9144e4025e","pdf_url":null,"source":{"id":"https://openalex.org/S4306402636","display_name":"Oxford University Research Archive (ORA) (University of Oxford)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I40120149","host_organization_name":"University of Oxford","host_organization_lineage":["https://openalex.org/I40120149"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference item"},{"id":"pmh:oai:repositorio.uchile.cl:2250/140127","is_oa":true,"landing_page_url":"https://repositorio.uchile.cl/handle/2250/140127","pdf_url":null,"source":{"id":"https://openalex.org/S4306481413","display_name":"Universidad de Chile","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Art\u00edculo de revista"}],"best_oa_location":{"id":"pmh:oai:repositorio.uchile.cl:2250/140127","is_oa":true,"landing_page_url":"https://repositorio.uchile.cl/handle/2250/140127","pdf_url":null,"source":{"id":"https://openalex.org/S4306481413","display_name":"Universidad de Chile","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Art\u00edculo de revista"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7200000286102295}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":80,"referenced_works":["https://openalex.org/W254881558","https://openalex.org/W1481397690","https://openalex.org/W1503170978","https://openalex.org/W1505482284","https://openalex.org/W1507039213","https://openalex.org/W1511963917","https://openalex.org/W1530609294","https://openalex.org/W1555798330","https://openalex.org/W1565656617","https://openalex.org/W1572832005","https://openalex.org/W1584451387","https://openalex.org/W1599228120","https://openalex.org/W1755755119","https://openalex.org/W1809751277","https://openalex.org/W1869685613","https://openalex.org/W1917555234","https://openalex.org/W1952344271","https://openalex.org/W1965940079","https://openalex.org/W1966217515","https://openalex.org/W1982129592","https://openalex.org/W1982132104","https://openalex.org/W1987469449","https://openalex.org/W1993370765","https://openalex.org/W1994584977","https://openalex.org/W1999396796","https://openalex.org/W2002447170","https://openalex.org/W2008158744","https://openalex.org/W2011875300","https://openalex.org/W2017035494","https://openalex.org/W2023036777","https://openalex.org/W2023887108","https://openalex.org/W2023999667","https://openalex.org/W2028685566","https://openalex.org/W2031525781","https://openalex.org/W2031830821","https://openalex.org/W2037286444","https://openalex.org/W2039529128","https://openalex.org/W2044901139","https://openalex.org/W2050426366","https://openalex.org/W2075573771","https://openalex.org/W2094568767","https://openalex.org/W2099837287","https://openalex.org/W2101936540","https://openalex.org/W2102924625","https://openalex.org/W2107604680","https://openalex.org/W2111487235","https://openalex.org/W2117331553","https://openalex.org/W2117402063","https://openalex.org/W2117657788","https://openalex.org/W2126533781","https://openalex.org/W2130370455","https://openalex.org/W2134646643","https://openalex.org/W2137351629","https://openalex.org/W2137510094","https://openalex.org/W2138124253","https://openalex.org/W2151619740","https://openalex.org/W2162593546","https://openalex.org/W2164622707","https://openalex.org/W2166461033","https://openalex.org/W2169092431","https://openalex.org/W2169868363","https://openalex.org/W2170830071","https://openalex.org/W2177614278","https://openalex.org/W2181775248","https://openalex.org/W2194959641","https://openalex.org/W2196559987","https://openalex.org/W2295791966","https://openalex.org/W2296095876","https://openalex.org/W2350778671","https://openalex.org/W2415170901","https://openalex.org/W2499290539","https://openalex.org/W3145128584","https://openalex.org/W4242157899","https://openalex.org/W4246219036","https://openalex.org/W4300021588","https://openalex.org/W6628836516","https://openalex.org/W6630550951","https://openalex.org/W6640222889","https://openalex.org/W6649090136","https://openalex.org/W6823707895"],"related_works":["https://openalex.org/W2972379433","https://openalex.org/W2989332944","https://openalex.org/W2021891065","https://openalex.org/W2583549044","https://openalex.org/W2119045600","https://openalex.org/W2584984136","https://openalex.org/W2170336571","https://openalex.org/W2962928105","https://openalex.org/W2585890227","https://openalex.org/W1543051890"],"abstract_inverted_index":{"We":[0,167],"study":[1],"the":[2,33,58,82,88,124,128,142,170,185,190],"fundamental":[3],"issue":[4],"of":[5,7,25,35,47,91,127,145,192],"decidability":[6,34],"satisfiability":[8],"over":[9],"string":[10,103],"logics":[11,144],"with":[12,65,149],"concatenations":[13,150],"and":[14,74,98,109,151,197],"finite-state":[15],"transducers":[16,85,110],"as":[17,153],"atomic":[18,154],"operations.":[19],"Although":[20],"restricting":[21],"to":[22,94,113,121,136],"one":[23,59],"type":[24],"operations":[26],"yields":[27],"decidability,":[28],"little":[29],"is":[30,40,120,130],"known":[31],"about":[32],"their":[36],"combined":[37],"theory,":[38],"which":[39,156],"especially":[41],"relevant":[42],"when":[43,158],"analysing":[44,178],"security":[45],"vulnerabilities":[46],"dynamic":[48,164],"web":[49,182],"pages":[50],"in":[51,181,189],"a":[52],"more":[53],"realistic":[54],"browser":[55,76,99],"model.":[56],"On":[57,81],"hand,":[60,84],"word":[61,107],"equations":[62,108],"(string":[63],"logic":[64,129,171,186],"concatenations)":[66],"cannot":[67],"precisely":[68],"capture":[69],"sanitisation":[70,96],"functions":[71,97],"(e.g.":[72,78],"htmlescape)":[73],"implicit":[75],"transductions":[77,152],"innerHTML":[79],"mutations).":[80],"other":[83],"suffer":[86],"from":[87,134],"reverse":[89],"problem":[90],"being":[92],"able":[93],"model":[95,161],"transductions,":[100],"but":[101],"not":[102],"concatenations.":[104],"Naively":[105],"combining":[106],"easily":[111],"leads":[112],"an":[114],"undecidable":[115],"logic.":[116],"Our":[117],"main":[118],"contribution":[119],"show":[122],"that":[123,169],"\"straight-line":[125],"fragment\"":[126],"decidable":[131,188],"(complexity":[132],"ranges":[133],"PSPACE":[135],"EXPSPACE).":[137],"The":[138],"fragment":[139],"can":[140,172],"express":[141,174],"program":[143],"straight-line":[146],"string-manipulating":[147],"programs":[148],"operations,":[155],"arise":[157],"performing":[159],"bounded":[160],"checking":[162],"or":[163],"symbolic":[165],"executions.":[166],"demonstrate":[168],"naturally":[173],"constraints":[175],"required":[176],"for":[177],"mutation":[179],"XSS":[180],"applications.":[183],"Finally,":[184],"remains":[187],"presence":[191],"length,":[193],"letter-counting,":[194],"regular,":[195],"indexOf,":[196],"disequality":[198],"constraints.":[199]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":14},{"year":2019,"cited_by_count":6},{"year":2018,"cited_by_count":9},{"year":2017,"cited_by_count":5},{"year":2016,"cited_by_count":4}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}