"Benchmarking Static Analysis Tools for Web Security", IEEE Transactions on Reliability, vol. 67, no. 3: IEEE, pp. 1159–1175, 2018.
"Detecting Network Threats using OSINT Knowledge-based IDS", In Proceedings of the European Dependable Computing Conference (EDCC), 2018.
"An empirical study on combining diverse static analysis tools for web security vulnerabilities based on development scenarios", Computing: Springer, pp. 1–25, 2018.
"FlowHacker: Detecting Unknown Network Attacks in Big Traffic Data using Network Flows", 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE): IEEE, pp. 567–572, 2018.
"Validating and Securing DLMS/COSEM Implementations with the ValiDLMS Framework", 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W): IEEE, pp. 179–184, 2018.
"On Combining Diverse Static Analysis Tools for Web Security: An Empirical Study", 2017 13th European Dependable Computing Conference (EDCC): IEEE, pp. 121–128, 2017.
"Demonstrating a Tool for Injection Attack Prevention in MySQL", Dependable Systems and Networks (DSN), 2017 47th Annual IEEE/IFIP International Conference on: IEEE, pp. 551–558, 2017.
"DEKANT: a static analysis tool that learns to detect web application vulnerabilities", Proceedings of the 25th International Symposium on Software Testing and Analysis: ACM, pp. 1–11, 2016.
"Detecting and removing web application vulnerabilities with static analysis and data mining", IEEE Transactions on Reliability, vol. 65, no. 1: IEEE, pp. 54–69, 2016.
"Equipping WAP with weapons to detect vulnerabilities", Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2016.
"Equipping WAP with WEAPONS to Detect Vulnerabilities: Practical Experience Report", Dependable Systems and Networks (DSN), 2016 46th Annual IEEE/IFIP International Conference on: IEEE, pp. 630–637, 2016.
"Hacking the DBMS to Prevent Injection Attacks", Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy: ACM, pp. 295–306, 2016.
"Automatic detection and correction of web application vulnerabilities using data mining to predict false positives", Proceedings of the 23rd international conference on World wide web: International World Wide Web Conferences Steering Committee, pp. 63–74, 2014.
"Securing energy metering software with automatic source code correction", Industrial Informatics (INDIN), 2013 11th IEEE International Conference on: IEEE, pp. 701–706, 2013.