W
William G. J. Halfond
Researcher at University of Southern California
Publications - 75
Citations - 4932
William G. J. Halfond is an academic researcher from University of Southern California. The author has contributed to research in topics: Web application & Web page. The author has an hindex of 33, co-authored 69 publications receiving 4500 citations. Previous affiliations of William G. J. Halfond include Microsoft & Georgia Institute of Technology.
Papers
More filters
A Classification of SQL-Injection Attacks and Countermeasures
TL;DR: An extensive review of the different types of SQL injection attacks known to date is presented, including descriptions and examples of how attacks of that type could be performed and existing detection and prevention techniques against SQL injections.
Proceedings ArticleDOI
AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks
TL;DR: A new technique using a model-based approach to detect illegal queries before they are executed on the database and was able to stop all of the attempted attacks without generating any false positives.
Proceedings ArticleDOI
PUMA: programmable UI-automation for large-scale dynamic analysis of mobile apps
TL;DR: The PUMA framework is a programmable framework that contains a generic UI automation capability that exposes high-level events for which users can define handlers and incorporates mechanisms for scaling dynamic analysis to thousands of apps.
Proceedings ArticleDOI
Estimating mobile application energy consumption using program analysis
TL;DR: This paper proposes a new approach that is both lightweight in terms of its developer requirements and provides fine-grained estimates of energy consumption at the code level using a novel combination of program analysis and per-instruction energy modeling.
Proceedings ArticleDOI
Using positive tainting and syntax-aware evaluation to counter SQL injection attacks
TL;DR: A new, highly automated approach for protecting existing Web applications against SQL injection, based on the novel idea of positive tainting and the concept of syntax-aware evaluation is proposed.