@article(amadini18, author = {Roberto Amadini and Graeme Gange and Fran{\c{c}}ois Gauthier and Alexander Jordan and Peter Schachte and S{\o}ndergaard, Harald and Peter~J. Stuckey and Chenyi Zhang}, year = {2018}, title = {Reference Abstract Domains and Applications to String Analysis}, journal = {Fundam. Informaticae}, volume = {158}, number = {4}, pages = {297--326}, doi = {10.3233/FI-2018-1650}, ) @inproceedings(arceri2018, author = {Vincenzo Arceri and Isabella Mastroeni}, year = {2019}, title = {An Automata-based Abstract Semantics for String Manipulation Languages}, editor = {Alexei Lisitsa and Andrei~P. Nemytykh}, booktitle = {Proceedings Seventh International Workshop on Verification and Program Transformation, VPT@Programming 2019, Genova, Italy, 2nd April 2019}, series = {{EPTCS}}, volume = {299}, pages = {19--33}, doi = {10.4204/EPTCS.299.5}, ) @article(tops20, author = {Vincenzo Arceri and Isabella Mastroeni}, year = {2021}, title = {Analyzing Dynamic Code: {A} Sound Abstract Interpreter for \emph{Evil} Eval}, journal = {{ACM} Trans. Priv. Secur.}, volume = {24}, number = {2}, pages = {10:1--10:38}, doi = {10.1145/3426470}, ) @article(mdpi, author = {Vincenzo Arceri and Isabella Mastroeni and Sunyi Xu}, year = {2020}, title = {Static Analysis for ECMAScript String Manipulation Programs}, journal = {Appl. Sci.}, volume = {10}, pages = {3525}, doi = {10.3390/app10103525}, ) @article(MB10, author = {Musard Balliu and Isabella Mastroeni}, year = {2010}, title = {A Weakest Precondition Approach to Robustness}, journal = {Trans. Comput. Sci.}, volume = {10}, pages = {261--297}, doi = {10.1007/978-3-642-17499-5\_11}, ) @inproceedings(BuroM18, author = {Samuele Buro and Isabella Mastroeni}, year = {2018}, title = {Abstract Code Injection - {A} Semantic Approach Based on Abstract Non-Interference}, editor = {Isil Dillig and Jens Palsberg}, booktitle = {Verification, Model Checking, and Abstract Interpretation - 19th International Conference, {VMCAI} 2018, Los Angeles, CA, USA, January 7-9, 2018, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {10747}, publisher = {Springer}, pages = {116--137}, doi = {10.1007/978-3-319-73721-8\_6}, ) @inproceedings(choi2006, author = {Tae{-}Hyoung Choi and Oukseh Lee and Hyunha Kim and Kyung{-}Goo Doh}, year = {2006}, title = {A Practical String Analyzer by the Widening Approach}, editor = {Naoki Kobayashi}, booktitle = {Programming Languages and Systems, 4th Asian Symposium, {APLAS} 2006, Sydney, Australia, November 8-10, 2006, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {4279}, publisher = {Springer}, pages = {374--388}, doi = {10.1007/11924661\_23}, ) @article(costantini15, author = {Giulia Costantini and Pietro Ferrara and Agostino Cortesi}, year = {2015}, title = {A suite of abstract domains for static analysis of string values}, journal = {Softw. Pract. Exp.}, volume = {45}, number = {2}, pages = {245--287}, doi = {10.1002/spe.2218}, ) @inproceedings(JGM12, author = {Roberto Giacobazzi and Neil~D. Jones and Isabella Mastroeni}, year = {2012}, title = {Obfuscation by partial evaluation of distorted interpreters}, editor = {Oleg Kiselyov and Simon~J. Thompson}, booktitle = {Proceedings of the {ACM} {SIGPLAN} 2012 Workshop on Partial Evaluation and Program Manipulation, {PEPM} 2012, Philadelphia, Pennsylvania, USA, January 23-24, 2012}, publisher = {{ACM}}, pages = {63--72}, doi = {10.1145/2103746.2103761}, ) @inproceedings(GM04CSL, author = {Roberto Giacobazzi and Isabella Mastroeni}, year = {2004}, title = {Proving Abstract Non-interference}, editor = {Jerzy Marcinkowski and Andrzej Tarlecki}, booktitle = {Computer Science Logic, 18th International Workshop, {CSL} 2004, 13th Annual Conference of the EACSL, Karpacz, Poland, September 20-24, 2004, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {3210}, publisher = {Springer}, pages = {280--294}, doi = {10.1007/978-3-540-30124-0\_23}, ) @article(GiacobazziM10bis, author = {Roberto Giacobazzi and Isabella Mastroeni}, year = {2010}, title = {Adjoining classified and unclassified information by abstract interpretation}, journal = {J. Comput. Secur.}, volume = {18}, number = {5}, pages = {751--797}, doi = {10.3233/JCS-2009-0382}, ) @article(GiacobazziM10, author = {Roberto Giacobazzi and Isabella Mastroeni}, year = {2010}, title = {A Proof System for Abstract Non-interference}, journal = {J. Log. Comput.}, volume = {20}, number = {2}, pages = {449--479}, doi = {10.1093/logcom/exp053}, ) @inproceedings(GiacobazziM12, author = {Roberto Giacobazzi and Isabella Mastroeni}, year = {2012}, title = {Making Abstract Interpretation Incomplete: Modeling the Potency of Obfuscation}, editor = {Antoine Min{\'{e}} and David Schmidt}, booktitle = {Static Analysis - 19th International Symposium, {SAS} 2012, Deauville, France, September 11-13, 2012. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {7460}, publisher = {Springer}, pages = {129--145}, doi = {10.1007/978-3-642-33125-1\_11}, ) @article(GiacobazziM18, author = {Roberto Giacobazzi and Isabella Mastroeni}, year = {2018}, title = {Abstract Non-Interference: {A} Unifying Framework for Weakening Information-flow}, journal = {{ACM} Trans. Priv. Secur.}, volume = {21}, number = {2}, pages = {9:1--9:31}, doi = {10.1145/3175660}, ) @inproceedings(GQ01, author = {Roberto Giacobazzi and Elisa Quintarelli}, year = {2001}, title = {Incompleteness, Counterexamples, and Refinements in Abstract Model-Checking}, editor = {Patrick Cousot}, booktitle = {Static Analysis, 8th International Symposium, {SAS} 2001, Paris, France, July 16-18, 2001, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {2126}, publisher = {Springer}, pages = {356--373}, doi = {10.1007/3-540-47764-0\_20}, ) @inproceedings(jensen2012, author = {Simon~Holm Jensen and Peter~A. Jonsson and M{\o}ller, Anders}, year = {2012}, title = {Remedying the eval that men do}, editor = {Mats Per~Erik Heimdahl and Zhendong Su}, booktitle = {International Symposium on Software Testing and Analysis, {ISSTA} 2012, Minneapolis, MN, USA, July 15-20, 2012}, publisher = {{ACM}}, pages = {34--44}, doi = {10.1145/2338965.2336758}, ) @inproceedings(jsai, author = {Vineeth Kashyap and Kyle Dewey and Ethan~A. Kuefner and John Wagner and Kevin Gibbons and John Sarracino and Ben Wiedermann and Ben Hardekopf}, year = {2014}, title = {{JSAI:} a static analysis platform for JavaScript}, editor = {Shing{-}Chi Cheung and Alessandro Orso and Margaret{-}Anne~D. Storey}, booktitle = {Proceedings of the 22nd {ACM} {SIGSOFT} International Symposium on Foundations of Software Engineering, (FSE-22), Hong Kong, China, November 16 - 22, 2014}, publisher = {{ACM}}, pages = {121--132}, doi = {10.1145/2635868.2635904}, ) @inproceedings(Mastroeni13, author = {Isabella Mastroeni}, year = {2013}, title = {Abstract interpretation-based approaches to Security - {A} Survey on Abstract Non-Interference and its Challenging Applications}, editor = {Anindya Banerjee and Olivier Danvy and Kyung{-}Goo Doh and John Hatcliff}, booktitle = {Semantics, Abstract Interpretation, and Reasoning about Programs: Essays Dedicated to David A. Schmidt on the Occasion of his Sixtieth Birthday, Manhattan, Kansas, USA, 19-20th September 2013}, series = {{EPTCS}}, volume = {129}, pages = {41--65}, doi = {10.4204/EPTCS.129.4}, ) @inproceedings(MastroeniN10, author = {Isabella Mastroeni and Durica Nikolic}, year = {2010}, title = {Abstract Program Slicing: From Theory towards an Implementation}, editor = {Jin~Song Dong and Huibiao Zhu}, booktitle = {Formal Methods and Software Engineering - 12th International Conference on Formal Engineering Methods, {ICFEM} 2010, Shanghai, China, November 17-19, 2010. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {6447}, publisher = {Springer}, pages = {452--467}, doi = {10.1007/978-3-642-16901-4\_30}, ) @article(MastroeniZ17, author = {Isabella Mastroeni and Damiano Zanardini}, year = {2017}, title = {Abstract Program Slicing: An Abstract Interpretation-Based Approach to Program Slicing}, journal = {{ACM} Trans. Comput. Log.}, volume = {18}, number = {1}, pages = {7:1--7:58}, doi = {10.1145/3029052}, ) @article(DMavrogiannopoulosKP11, author = {Nikos Mavrogiannopoulos and Nessim Kisserli and Bart Preneel}, year = {2011}, title = {A taxonomy of self-modifying code for obfuscation}, journal = {Comput. Secur.}, volume = {30}, number = {8}, pages = {679--691}, doi = {10.1016/j.cose.2011.08.007}, ) @book(mine2013, author = {Antoine Min{\'{e}}}, year = {2013}, title = {Static analysis by abstract interpretation of concurrent programs. (Analyse statique par interpr{\'{e}}tation abstraite de programmes concurrents)}, url = {https://tel.archives-ouvertes.fr/tel-00903447}, ) @inproceedings(negrini21, author = {Luca Negrini and Vincenzo Arceri and Pietro Ferrara and Agostino Cortesi}, year = {2021}, title = {Twinning Automata and Regular Expressions for String Static Analysis}, editor = {Fritz Henglein and Sharon Shoham and Yakir Vizel}, booktitle = {Verification, Model Checking, and Abstract Interpretation - 22nd International Conference, {VMCAI} 2021, Copenhagen, Denmark, January 17-19, 2021, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {12597}, publisher = {Springer}, pages = {267--290}, doi = {10.1007/978-3-030-67067-2\_13}, ) @inproceedings(PredaGLM15bis, author = {Mila~Dalla Preda and Roberto Giacobazzi and Arun Lakhotia and Isabella Mastroeni}, year = {2015}, title = {Abstract Symbolic Automata: Mixed syntactic/semantic similarity analysis of executables}, editor = {Sriram~K. Rajamani and David Walker}, booktitle = {Proceedings of the 42nd Annual {ACM} {SIGPLAN-SIGACT} Symposium on Principles of Programming Languages, {POPL} 2015, Mumbai, India, January 15-17, 2015}, publisher = {{ACM}}, pages = {329--341}, doi = {10.1145/2676726.2676986}, ) @inproceedings(RichardsHBV11, author = {Gregor Richards and Christian Hammer and Brian Burg and Jan Vitek}, year = {2011}, title = {The Eval That Men Do - {A} Large-Scale Study of the Use of Eval in JavaScript Applications}, editor = {Mira Mezini}, booktitle = {{ECOOP} 2011 - Object-Oriented Programming - 25th European Conference, Lancaster, UK, July 25-29, 2011 Proceedings}, series = {Lecture Notes in Computer Science}, volume = {6813}, publisher = {Springer}, pages = {52--78}, doi = {10.1007/978-3-642-22655-7\_4}, ) @article(tarjan, author = {Robert~Endre Tarjan}, year = {1972}, title = {Depth-First Search and Linear Graph Algorithms}, journal = {{SIAM} J. Comput.}, volume = {1}, number = {2}, pages = {146--160}, doi = {10.1137/0201010}, ) @book(compiler-design, author = {Reinhard Wilhelm and Helmut Seidl and Sebastian Hack}, year = {2013}, title = {Compiler Design - Syntactic and Semantic Analysis}, publisher = {Springer}, doi = {10.1007/978-3-642-17540-4}, )