Travelled to:1 × Czech Republic
1 × India
1 × Ireland
1 × South Africa
2 × Canada
2 × Italy
2 × United Kingdom
8 × USA
Collaborated with:O.Tripp P.Ferrara J.Dolby L.Koved S.J.Fink S.Artzi P.Centonze S.Guarnieri T.Tateishi F.Tip ∅ R.J.Flynn E.Yahav M.Sridharan R.Hay R.Berg A.Kershenbaum L.Brutschy A.Cortesi S.Shoham S.Fink G.Naumovich V.C.Sreedhar P.Cousot R.Cousot E.Geay B.G.Ryder O.Weisman A.Aydin D.Piorkowski S.Teilhet X.Zhang S.Weber T.Jaeger G.Marceau L.Zeng
Talks about:analysi (11) applic (6) web (6) access (4) secur (4) base (4) polici (3) taint (3) dynam (3) javascript (2)
Person: Marco Pistoia
DBLP: Pistoia:Marco
Contributed to:
2015
2015
2015
20152014
201320112011
201020102009
20092008200720072006200520022017Wrote 21 papers:
- ECOOP-2015-CentonzePT #analysis
- Access-rights Analysis in the Presence of Subjects (PC, MP, OT), pp. 222–246.
- ISSTA-2015-HayTP #android #communication #detection
- Dynamic detection of inter-application communication vulnerabilities in Android (RH, OT, MP), pp. 118–128.
- OOPSLA-2015-BrutschyFTP #named #resource management
- ShamDroid: gracefully degrading functionality in the presence of limited resource access (LB, PF, OT, MP), pp. 316–331.
- VMCAI-2015-CortesiFPT #mobile #policy #privacy #semantics #verification
- Datacentric Semantics for Verification of Privacy Policy Compliance by Mobile Applications (AC, PF, MP, OT), pp. 61–79.
- ISSTA-2014-TrippFP #analysis #hybrid #javascript #partial evaluation #security #web
- Hybrid security analysis of web JavaScript code via dynamic partial evaluation (OT, PF, MP), pp. 49–59.
- FASE-2013-TrippPCCG #analysis #named #scalability #security #web
- Andromeda: Accurate and Scalable Security Analysis of Web Applications (OT, MP, PC, RC, SG), pp. 210–225.
- ISSTA-2011-GuarnieriPTDTB #javascript #web
- Saving the world wide web from vulnerable JavaScript (SG, MP, OT, JD, ST, RB), pp. 177–187.
- ISSTA-2011-TateishiPT #analysis #higher-order #logic #monad #string
- Path- and index-sensitive string analysis based on monadic second-order logic (TT, MP, OT), pp. 166–176.
- OOPSLA-2011-SridharanAPGTB #analysis #named #web
- F4F: taint analysis of framework-based web applications (MS, SA, MP, SG, OT, RB), pp. 1053–1068.
- ICSE-2010-ArtziDTP #fault #locality #web
- Practical fault localization for dynamic web applications (SA, JD, FT, MP), pp. 265–274.
- ISSTA-2010-ArtziDTP #effectiveness #fault #generative #locality #testing
- Directed test generation for effective fault localization (SA, JD, FT, MP), pp. 49–60.
- ICSE-2009-GeayPTRD #analysis #composition #precise #string
- Modular string-sensitive permission analysis with demand-driven precision (EG, MP, TT, BGR, JD), pp. 177–187.
- PLDI-2009-TrippPFSW #analysis #effectiveness #named #web
- TAJ: effective taint analysis of web applications (OT, MP, SJF, MS, OW), pp. 87–97.
- VMCAI-2008-Pistoia #program analysis #programming language #security
- Program Analysis and Programming Languages for Security (MP), p. 7.
- ICSE-2007-PistoiaFFY #enterprise #modelling #policy #security #validation
- When Role Models Have Flaws: Static Validation of Enterprise Security Policies (MP, SJF, RJF, EY), pp. 478–488.
- ISSTA-2007-ShohamYFP #abstraction #mining #specification #using
- Static specification mining using automata-based abstractions (SS, EY, SF, MP), pp. 174–184.
- ISSTA-2006-CentonzeNFP #consistency #data access #validation
- Role-Based access control consistency validation (PC, GN, SJF, MP), pp. 121–132.
- ISSTA-2006-ZhangKPWJMZ #analysis
- The case for analysis preserving language transformation (XZ, LK, MP, SW, TJ, GM, LZ), pp. 191–202.
- ECOOP-2005-PistoiaFKS #analysis #detection #interprocedural
- Interprocedural Analysis for Privileged Code Placement and Tainted Variable Detection (MP, RJF, LK, VCS), pp. 362–386.
- OOPSLA-2002-KovedPK #analysis #java
- Access rights analysis for Java (LK, MP, AK), pp. 359–372.
- FASE-2017-AydinPTFP #mobile #policy #privacy #visual notation
- Visual Configuration of Mobile Privacy Policies (AA, DP, OT, PF, MP), pp. 338–355.