My work on this area has included the development of program analysis based techniques for analyzing the server side implementation of web applications. In particular, the techniques can identify interface and invocation information and use it to improve the performance of traditional testing techniques, such as penetration testing, invocation verification, and test-input generation.
||Identifying Inter-Component Control-flow in Web Applications. In Proceedings of the 15th International Conference on Web Engineering (ICWE).
||Automated Checking of Web Application Invocations. In Proceedings of the 23rd IEEE International Symposium on Software Reliability Engineering (ISSRE).
||Domain and value checking of web application invocation arguments. In Proceedings of the 26th IEEE/ACM International Conference on Automated Software Engineering (ASE) - Short Paper.
||Program Analysis To Support Quality Assurance Techniques For Web Applications. PhD thesis, Georgia Institute of Technology
||Precise Interface Identification to Improve Testing and Analysis of Web Applications. In Proceedings of the International Symposium on Software Testing and Analysis.
July 2009. Distinguished Paper Award.
||Automated Identification of Parameter Mismatches in Web Applications. In Proceedings of the Symposium on the Foundations of Software Engineering.
November 2008. Best Student Presentation Award.
||Web Application Modeling for Testing and Analysis. In Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE), Doctoral Symposium.
||Improving Test Case Generation for Web Applications Using Automated Interface Discovery. In Proceedings of the Symposium on the Foundations of Software Engineering.
||Command-Form Coverage for Testing Database Applications. In Proceedings of the International Conference on Automated Software Engineering.