J. Allen, A. Christie, W. Fithen, J. Mchugh, J. Pickel et al., State of the practice of intrusion detection technologies, 2000.

J. P. Anderson and J. P. , Computer Security Threat Monitoring and Surveillance, 1980.

S. Axelsson, The base-rate fallacy and its implications for the difficulty of intrusion detection, Proceedings of the 6th ACM conference on Computer and communications security , CCS '99, pp.1-7, 1999.
DOI : 10.1145/319709.319710

C. [. Banatre, D. L. Bryce, and . Métayer, Compile-time detection of information flow in sequential programs, 3rd European Symposium on Research in Computer Security, pp.55-73, 1994.
DOI : 10.1007/3-540-58618-0_56

[. Boudol and I. Castellani, Noninterference for Concurrent Programs, ICALP '01 : Proceedings of the 28th International Colloquium on Automata, Languages and Programming, pp.382-395, 2001.
DOI : 10.1007/3-540-48224-5_32

URL : https://hal.archives-ouvertes.fr/inria-00072334

[. Beres and C. I. Dalton, Dynamic label binding at run-time, Proceedings of the 2003 workshop on New security paradigms , NSPW '03, pp.39-46, 2003.
DOI : 10.1145/986655.986662

[. Binder, J. Hulaas, and P. Moret, Advanced Java bytecode instrumentation, Proceedings of the 5th international symposium on Principles and practice of programming in Java , PPPJ '07, pp.135-144, 2007.
DOI : 10.1145/1294325.1294344

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

[. Bauer, J. Ligatti, and D. Walker, More enforceable security policies, Foundations of Computer Security : proceedings of the FLoC'02 workshop on Foundations of Computer Security, pp.95-104, 2002.

[. Banerjee, D. A. Naumann-jedidiah, R. Crandall, and F. T. Chong, Using access control for secure information flow in a java-like language Minos : Control data attack prevention orthogonal to memory model, IEEE Computer Security Foundations Workshop (CSFW) Proceeding of the 37th International Symposium on Microarchitecture, pp.155-169, 2003.

[. Chandra and M. Franz, Secure web application via automatic partitioning Dytan : a generic dynamic taint analysis framework Understanding data lifetime via whole system simulation, Vikram, Lantian Zheng, and Xin Zheng ISSTA '07 : Proceedings of the 2007 international symposium on Software testing and analysis SSYM'04 : Proceedings of the 13th conference on USENIX Security Symposium, pp.463-47531, 2004.

[. Chong, K. Vikram, and A. C. Myers, Sif : Enforcing confidentiality and integrity in web applications, Proceedings of the 16th USENIX Security Symposium, 2007.

E. Dorothy, P. J. Denning, and . Denning, Certification of programs for secure information flow, DDW00] Hervé Debar, Marc Dacier, and Andreas Wespi. A Revised Taxonomy for Intrusion-Detection Systems. Annales des Télécommunications, pp.504-5137, 1977.

D. E. Denning, A lattice model of secure information flow, Communications of the ACM, vol.19, issue.5, pp.236-243, 1976.
DOI : 10.1145/360051.360056

E. Dorothy, . Denning, H. Dalton, C. Kannan, and . Kozyrakis, An Intrusion-Detection Model Raksha : a flexible information flow architecture for software security, ISCA '07 : Proceedings of the 34th annual international symposium on Computer architecture, pp.222-232, 1987.

Y. Deswarte and L. Mé, Sécurité des réseaux et systèmes répartis. Traité IC2, série Réseaux et Télécoms, Hermes, 2002.

M. D. Ernst, J. Cockrell, W. G. Griswold, D. N. , M. Krohn et al., Dynamically discovering likely program invariants to support program evolution, SOSP '05 : Proceedings of the twentieth ACM symposium on Operating systems principles, pp.99-123, 2001.
DOI : 10.1109/32.908957

R. Focardi and R. Gorrieri, A Classification of Security Properties for Process Algebras1, Journal of Computer Security, vol.3, issue.1, pp.5-33, 1995.
DOI : 10.3233/JCS-1994/1995-3103

S. Foley, L. Gong, X. S. Qian-[-fhs97-], S. A. Forrest, A. Hofmeyr et al., A security model of dynamic labeling providing a tiered approach to verification. sp, 00 :0142 Computer immunology Proving multilevel security of a system design Lomac : Low water-mark integrity protection for cots environments, SP '00 : Proceedings of the 2000 IEEE Symposium on Security and Privacy, pp.88-9657, 1977.

M. Franz, Moving trust out of application programs, 2006.

A. Gurvan-le-guernic, T. Banerjee, D. A. Jensen, and . Schmidt, Automata-Based Confidentiality Monitoring, ASIAN, pp.75-89, 2006.
DOI : 10.1007/11555827_21

G. Le, G. , T. Goguen, J. [. Meseguer, J. Goguen et al., Monitoring information flow Security policies and security models Unwinding and inference control, Proceedings of the Workshop on Foundations of Computer Security IEEE Symposium on Research in Security and Privacy IEEE Symposium on Security and PrivacyGSB06] Thomas Gamer, Marcus Schöller, and Roland Bless. A Granularity-adaptive System for in-Network Attack Detection Proceedings of the IEEE / IST Workshop on Monitoring, Attack Detection and Mitigation 2006, Computer Networking and Internet CNI, pp.19-30, 1982.

]. V. Hcf05a, D. Haldar, M. Chandra, . Franzhcf05b-]-v, D. Haldar et al., Dynamic taint propagation for java Practical, dynamic information-flow for virtual machines, Annual Computer Security Applications Conference (ACSAC) Programming Language Interference and Dependence (PLID'05), 2005.

G. J. William, A. Halfond, P. Orso, F. Manolios, and . Laval, Using positive tainting and syntax-aware evaluation to counter sql injection attacks Extending the noninterference version of mls for sat. sp, 0 :231, 1986. [ITS91] ITSEC. Evaluation criteria of the information system security Mining alarm clusters to improve alarm handling efficiency, 14 : Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering Office des publications officielles des Communautés européennes Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC), pp.175-185, 1991.

C. Ko and T. Redmond, Noninterference and intrusion detection, Proceedings 2002 IEEE Symposium on Security and Privacy, 2002.
DOI : 10.1109/SECPRI.2002.1004370

C. Ko and T. Redmond, Detecting race-condition attacks using noninterference, Network Associate Advanced Security Research Journal, vol.5, issue.1, 2003.

C. Ko, M. Ruschitzka, and K. N. Levitt, Execution monitoring of security-critical programs in a distributed system : A specification-based approach Information flow control for standard os abstractions, Proceedings of the 1997 IEEE Symposium on Security and Privacy Proceedings of the 21st Symposium on Operating Systems Principles, pp.175-187, 1997.

J. Kong, C. C. Zou, and H. Zhou, Improving software security via runtime instruction-level taint checking, Proceedings of the 1st workshop on Architectural and system support for improving software dependability , ASID '06, pp.18-24, 2006.
DOI : 10.1145/1181309.1181313

M. Butler-lampson, M. Abadi, E. Burrows, and . Wobber, Authentication in distributed systems: theory and practice, ACM Transactions on Computer Systems, vol.10, issue.4, pp.265-310, 1992.
DOI : 10.1145/138873.138874

J. Leonard and . Lapadula, State of the art in anomaly detection and reaction Center for Integrated Intelligence Systems -The MITRE Corporation, 1999.

C. [. Lane and . Brodley, An application of machine learning to anomaly detection [LcC06] Lap Chung Lam and Tzi cker Chiueh. A general dynamic information flow tracking framework for security applications, Proc. of the 20th National Information Systems Security Conference ACSAC '06 : Proceedings of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference, pp.366-380, 1997.

E. Lundin and E. Jonsson, Some practical and fundamental problems with anomaly detection, Proceedings of the fourth Nordic Workshop on Secure IT systems (NORDSEC'99), 1999.

]. G. Low02, ]. W. Lowels98, S. J. Lee, and . Stolfo, Quantifying information flow Data mining approaches for intrusion detection, IEEE Computer Security Foundations Workshop Proc. of the 7th Usenix Security Symposium, 1998.

T. F. Lunt, Automated audit trail analysis and intrusion detection : a survey, Proceedings of the 11th National Computer Security Conference, pp.65-73, 1988.

F. [. Lindholm and . Yellin, The Java Virtual Machine Specification, 1999.

P. Li and S. Zdancewic, Downgrading policies and relaxed noninterference, POPL '05 : Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp.158-170, 2005.
DOI : 10.1145/1040305.1040319

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

P. Li and S. Zdancewic, Practical information-flow control in web-based information systems, CSFW '05 : Proceedings of the 18th IEEE Computer Security Foundations Workshop (CSFW'05), pp.2-15, 2005.

D. Madsen, An operating system analog to the perl data tainting functionality, Proceedings of the 23rd National Information Systems Security Conference, 2000.

H. Mantel, Possibilistic definitions of security-an assembly kit, Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13, p.185, 2000.
DOI : 10.1109/CSFW.2000.856936

A. Almeida, M. , and G. Boudol, On declassification and the non-disclosure policy, CSFW '05 : Proceedings of the 18th IEEE Computer Security Foundations Workshop (CSFW'05), pp.226-240, 2005.
DOI : 10.3233/JCS-2009-0355

D. Mccullough, Noninterference and the composability of security properties. sp, 00 :177, 1988.

J. Mclean, Proving Noninterference and Functional Correctness Using Traces, Journal of Computer Security, vol.1, issue.1, pp.37-58, 1992.
DOI : 10.3233/JCS-1992-1103

J. Mclean, S. Mccamant, and M. D. Ernst, A general theory of composition for trace sets closed under selective interleaving functions. sp, 00 :79 Quantitative information flow as network flow capacity, Proceedings of the ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation, 1994.

C. Andrew, B. Myers, and . Liskov, A decentralized model for information flow control, SIGOPS Oper. Syst. Rev, vol.31, issue.5, pp.129-142, 1997.

Z. Mé and . Marrakchi, Cédric Michel, Hervé Debar, and Frédéric Cuppens. La détection d'intrusions : les outils doivent coopérer. Revue de l'Electricité et de l'Electronique, pp.50-55, 2001.

B. Morin, Corrélation d'alertes issues d'outils de détection d'intrusions avec prise en compte d'informations sur le système surveillé Multilevel security in the unix tradition, INSA de Rennes Softw. Pract. Exper, issue.8, pp.22673-694, 1992.

D. [. Mantel and . Sands, Controlled Declassification Based on Intransitive Noninterference, Proc. Asian Symp. on Programming Languages and Systems, pp.129-145, 2004.
DOI : 10.1007/978-3-540-30477-7_9

C. Andrew and . Myers, Jflow : Practical mostly-static information flow control, Proceedings of the 26th ACM on Principles of Programming Languages, 1999.

J. W. Nimmer and M. D. Ernst, Invariant inference for static checking, Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering (SIGSOFT '02), pp.11-20, 2002.
DOI : 10.1145/605466.605469

K. Sr?ith, P. N. Nair, B. Simpson, A. S. Crispo, and . Tanenbaum, A virtual machine based information flow control system for policy enforcement, First International Workshop on Run Time Enforcement for Mobile and Distributed Systems, pp.1-11, 2007.

A. Nguyen-tuong, S. Guarnieri, D. Green, J. Shirley, and D. Evans, Automatically Hardening Web Applications Using Precise Tainting, IFIP Security Conference, 2005. [PS03] François Pottier and Vincent Simonet. Information flow inference for ml, 2003.
DOI : 10.1007/0-387-25660-1_20

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

F. Qin, C. Wang, Z. Li, Y. Ho-seop-kim, Y. Zhou et al., LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks, 2006 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO'06), p.228, 1999.
DOI : 10.1109/MICRO.2006.29

J. [. Ryan, J. Mclean, V. Millen, and . Gligor, Non-interference : Who needs it ? csfw, p.237, 2001.
DOI : 10.1109/csfw.2001.930149

]. A. Ros95 and . Roscoe, Csp and determinism in security modelling. sp, p.114, 1995.

J. Rushby and . Noninterference, transitivity and channel-control security policies, 1992.

P. Ryan, Panel : A genealogy of non-interference, CSFW '96 : Proceedings of the 9th IEEE workshop on Computer Security Foundations, 1996.

R. S. Sandhu, Lattice-based access control models, Computer, vol.26, issue.11, pp.9-19, 1993.
DOI : 10.1109/2.241422

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

F. B. Schneider, Enforceable security policies. Information and System Security, 2000.
DOI : 10.1109/fits.2003.1264930

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

R. L. Schwartz, Taint so easy, is it ? Sys Admin, pp.53-54, 2000.

Y. [. Sekar, M. Cai, and . Segal, A specification-based approach for building survivable systems, Proceedings of the 21st National Information Systems Security Conference (NISSC'98), pp.338-347, 1998.

[. Simonet, Flow caml in a nutshell, Proceedings of the first APPSEM-II workshop, 2003.

[. Suh, J. W. Lee, D. Zhang, and S. Devadas, Secure program execution via dynamic information flow tracking, ACM SIGARCH Computer Architecture News, vol.32, issue.5, pp.85-96, 2004.
DOI : 10.1145/1037947.1024404

A. Sabelfeld and H. Mantel, Static Confidentiality Enforcement for Distributed Programs, Proceedings of the 9th International Static Analysis Symposium, SAS'02, pp.376-394, 2002.
DOI : 10.1007/3-540-45789-5_27

]. Sm03a, A. Sabelfeld, and . Myers, Language-based information-flow security, IEEE Journal on Selected Areas in Communications, vol.21, issue.1, 2003.

A. Sabelfeld and A. C. Myers, A Model for Delimited Information Release, ISSS, pp.174-191, 2003.
DOI : 10.1007/978-3-540-37621-7_9

[. Smith, A new type system for secure information flow, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001., 2001.
DOI : 10.1109/CSFW.2001.930141

G. Smith, [. H. Saltzer, D. P. Reed, and D. D. Clark, Principles of secure information flow analysis End-to-end arguments in system design, Malware DetectionSS07] A. Sabelfeld and D. Sands. Declassification : Dimensions and principles, pp.277-288, 1984.

[. Shroff, S. F. Smith, and M. Thober, Dynamic dependency monitoring to secure information flow. csf, pp.203-217, 2007.

G. Smith and D. Volpano, Secure information flow in a multi-threaded imperative language, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages , POPL '98, pp.355-364, 1998.
DOI : 10.1145/268946.268975

[. Thomas and A. Hunt, Programming Ruby : the pragmatic programmer's guide. The Pragmatic Programmers, LLC, 2005.

[. Tse, S. Zdancewic, [. Uppuluri, and R. Sekar, Run-time principals in information-flow type systems Experiences with specificationbased intrusion detection, IEEE Symposium on Security and Privacy Proceedings of the Fourth International Symposium on the Recent Advances in Intrusion Detection number 2212 in LNCS, pp.172-189, 2001.

G. Smith and D. Volpano, A type-based approach to program security, Theory and Practice of Software Development, 1997.

[. Volpano, C. Irvine, and G. Smith, A sound type system for secure flow analysis, Journal of Computer Security, vol.4, issue.2-3, pp.167-187, 1996.
DOI : 10.3233/JCS-1996-42-304

D. Volpano and G. Smith, Probabilistic noninterference in a concurrent language, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238), pp.231-253, 1999.
DOI : 10.1109/CSFW.1998.683153

W. [. Venkatakrishnan, D. C. Xu, R. Duvarney, and . Sekar, Provably Correct Runtime Enforcement of Non-interference Properties, Lecture Notes in Computer Science, vol.4307, pp.332-351, 2006.
DOI : 10.1007/11935308_24

C. Weissman, Security controls in the adept-50 timesharing system, AFIPS Conference Proceedings, pp.119-133, 1969.

[. Wittbold and D. M. Johnson, Information flow in nondeterministic systems, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy, p.144, 1990.
DOI : 10.1109/RISP.1990.63846

K. Wang, J. J. Parekh, and S. J. Stolfo, Anagram: A Content Anomaly Detector Resistant to Mimicry Attack, Recent Advances in Intrusion Detection, pp.226-248, 2006.
DOI : 10.1007/11856214_12

W. Xu, S. Bhatkar, and R. Sekar, Taint-enhanced policy enforcement : a practical approach to defeat a wide range of attacks, USENIX-SS'06 : Proceedings of the 15th conference on USENIX Security Symposium, pp.9-9, 2006.

S. Yoshihama, T. Yoshizawa, Y. Watanabe, M. Kudo, and K. Oyanagi, Dynamic Information Flow Control Architecture for Web Applications, ESORICS, pp.267-282, 2007.
DOI : 10.1007/978-3-540-74835-9_18

[. Zeldovich, S. Boyd-wickizer, E. Kohler, and D. Mazières, Making information flow explicit in HiStar, OSDI '06 : Proceedings of the 7th symposium on Operating systems design and implementation, pp.263-278, 2006.
DOI : 10.1145/2018396.2018419

S. Zdancewic, Challenges for information-flow security, Proceedings of the 1st International Workshop on Programming Language Interference and Dependence, 2004.

J. Zimmermann, Détection d'intrusions paramétrée par la politique par contrôle de flux de références, 2003.

[. Zheng and A. C. Myers, Dynamic security labels and noninterference (extended abstract) In Formal Aspects in Security and Trust, pp.27-40, 2004.

J. Zimmermann, L. Mé, and C. Bidan, Introducing Reference Flow Control for Detecting Intrusion Symptoms at the OS Level, Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection, pp.292-306, 2002.
DOI : 10.1007/3-540-36084-0_16

J. Zimmermann, L. Mé, C. B. , and F. B. Schneider, Experimenting with a policy-based hids based on an information flow control model Sasi enforcement of security policies : a retrospective, Proceedings of the Annual Computer Security Applications Conference Proceedings of the 1999 workshop on New security paradigms, pp.87-95, 1999.