Le, H. T., Shar, L. K., Bianculli, D., Briand, L., & Nguyen, D. C. (February 2022). Automated Reverse Engineering of Role-based Access Control Policies of Web Applications. Journal of Systems and Software, 184, 111109. doi:10.1016/j.jss.2021.111109 Peer Reviewed verified by ORBi |
Appelt, D., Nguyen, D. C., Panichella, A., & Briand, L. (September 2018). A Machine Learning-Driven Evolutionary Approach for Testing Web Application Firewalls. IEEE Transactions on Reliability, 67 (3), 733-757. doi:10.1109/TR.2018.2805763 Peer Reviewed verified by ORBi |
Jan, S., Nguyen, D. C., Andrea, A., & Briand, L. (2017). A Search-based Testing Approach for XML Injection Vulnerabilities in Web Applications. In 10th IEEE International Conference on Software Testing, Verification and validation (ICST 2017), Tokyo 13-18 March 2017. doi:10.1109/ICST.2017.39 Peer reviewed |
Jan, S., Nguyen, D. C., & Briand, L. (2016). Automated and Effective Testing of Web Services for XML Injection Attacks. In ISSTA'16-The International Symposium on Software Testing and Analysis, Saarbrücken 18-20 July 2016 (pp. 12-23). Peer reviewed |
Le, H. T., Nguyen, D. C., & Briand, L. (2016). ReACP: A Semi-Automated Framework for Reverse-engineering and Testing of Access Control Policies of Web Applications. (978-2-87971-034-1). |
Appelt, D., Nguyen, D. C., & Briand, L. (2016). Automated Testing of Web Application Firewalls. (TR-SnT-2016-1). |
Ceccato, M., Nguyen, D. C., Appelt, D., & Briand, L. (2016). SOFIA: An Automated Security Oracle for Black-Box Testing of SQL-Injection Vulnerabilities. In Proceedings of the 31th IEEE/ACM International Conference on Automated Software Engineering. Peer reviewed |
Jan, S., Nguyen, D. C., & Briand, L. (2015). Known XML Vulnerabilities Are Still a Threat to Popular Parsers and Open Source Systems. In The 2015 IEEE International Conference on Software Quality, Reliability & Security, Vancouver 3-5 August 2015. Peer reviewed |
Le, H. T., Nguyen, D. C., Briand, L., & Hourte, B. (2015). Automated Inference of Access Control Policies for Web Applications. In 20th ACM Symposium on Access Control Models and Technologies (SACMAT), 1-3 June 2015. doi:10.1145/2752952.2752969 Peer reviewed |
Appelt, D., Nguyen, D. C., & Briand, L. (2015). Behind an Application Firewall, Are We Safe from SQL Injection Attacks? In 2015 IEEE 8th International Conference on Software Testing, Verification, and Validation (ICST). doi:10.1109/ICST.2015.7102581 Peer reviewed |
Ceccato, M., Marchetto, A., Mariani, L., Nguyen, D. C., & Tonella, P. (2015). Do Automatically Generated Test Cases Make Debugging Easier? An Experimental Assessment of Debugging Effectiveness and Efficiency. ACM Transactions on Software Engineering and Methodology, 25 (1), 5:1--5:38. doi:10.1145/2768829 Peer reviewed |
Appelt, D., Nguyen, D. C., Briand, L., & Alshahwan, N. (2014). Automated Testing for SQL Injection Vulnerabilities: An Input Mutation Approach. In Proc. of the International Symposium on Software Testing and Analysis 2014. Peer reviewed |
Tonella, P., Tiella, R., & Nguyen, D. C. (2014). Interpolated N-Grams for Model Based Testing. In Interpolated N-Grams for Model Based Testing. doi:10.1145/2568225.2568242 Peer reviewed |
Appelt, D., Alshahwan, N., Nguyen, D. C., & Briand, L. (2014). Black-box SQL Injection Testing. (TR-SnT-2014-1). |
Nguyen, D. C., & Tonella, P. (14 November 2013). Automated Inference of Classifications and Dependencies for Combinatorial Testing [Paper presentation]. 28th IEEE/ACM International Conference on Automated Software Engineering. |
Tonella, P., Tiella, R., & Nguyen, D. C. (10 November 2013). N-Gram Based Test Sequence Generation from Finite State Models [Paper presentation]. 1st Future Internet Testing - FITTEST workshop. |
Nguyen, D. C., Mendelson, B., Citron, D., Shehory, O., Vos, T. E. J., & Condori, N. (October 2013). Evaluating the FITTEST Automated Testing Tools: an Industrial Case Study [Paper presentation]. 7th International Symposium on Empirical Software Engineering and Measurement. |
Nguyen, D. C., Tonella, P., Marchetto, A., Lakhotia, K., & Harman, M. (18 May 2013). Automated Generation of State Abstraction Functions using Data Invariant Inference [Paper presentation]. 8th International Workshop on Automation of Software Test (AST’13). |
Nguyen, D. C., Marchetto, A., & Tonella, P. (March 2011). Automated Detection of Discontinuities in Models Inferred from Execution Traces [Paper presentation]. 2011 IEEE Fourth International Conference on Software Testing, Verification and Validation Workshops. |