Refereed Publications
-
SOUPS presentation by Adrienne Felt slides
-
Verifying Higher-order Programs with the Dijkstra Monad. In Proc. of Programming Language Design and Implementation (PLDI), 2013.
-
A Systematic Analysis of XSS Sanitization in Web Application Frameworks. In Proc. of 16th European Symposium on Research in Computer Security (ESORICS), 2011.
ESORICS presentation slides (with notes).
-
Towards Client-side HTML Security Policies. In Proc. of the Workshop on Hot Topics in Security (HotSec), 2011.
HotSec presentation slides (with notes).
-
Diesel: Applying Privilege Separation to Database Access. In Proc. of ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2011.
-
Preventing Capability Leaks in Secure JavaScript Subsets. In Proc. of Network and Distributed System Security Symposium (NDSS), 2010.
Visit the project page for code and more information.
-
Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense. In Proc. of USENIX Security Symposium, 2009.
Visit the project page for code and more information.
USENIX presentation slides (with notes).
-
Composition with Consistent Updates for Abstract State Machines. In Proc. of the International ASM Workshop, 2007.
Non-Refereed Papers
-
Thesis: Analysis and Enforcement of Web Application Security Policies. University of California, Berkeley, Thesis, 2012.
-
Monadic Refinement Types for Verifying JavaScript Programs. Microsoft Research Technical Report, 2012.
-
ASM Relational Transducer Security Policies. Brown University Technical Report CS-06-12, 2006.