Eunsuk Kang scite author profile

The last decade has seen a dramatic growth in the use of constraint solvers as a computational mechanism, not only for analysis and synthesis of software, but also at runtime. Solvers are available for a variety of logics but are generally restricted to first-order formulas. Some tasks, however, most notably those involving synthesis, are inherently higher order; these are typically handled by embedding a first-order solver (such as a SAT or SMT solver) in a domain-specific algorithm. Using strategies similar to those used in such algorithms, we show how to extend a first-order solver (in this case Kodkod, a model finder for relational logic used as the engine of the Alloy Analyzer) so that it can handle quantifications over higher-order structures. The resulting solver is sufficiently general that it can be applied to a range of problems; it is higher order, so that it can be applied directly, without embedding in another algorithm; and it performs well enough to be competitive with specialized tools on standard benchmarks. Although the approach is demonstrated for a particular relational logic, the principles behind it could be applied to other first-order solvers. Just as the identification of first-order solvers as reusable backends advanced the performance of specialized tools and simplified their architecture, factoring out higher-order solvers may bring similar benefits to a new class of tools.

show abstract

Formal Modeling and Analysis of a Flash Filesystem in Alloy

Kang

Jackson

View full text Add to dashboard Cite

Stealthy deception attacks for cyber-physical systems

Goes

Kang

Kwong

et al. 2017

View full text Add to dashboard Cite

Model-based security analysis of a water treatment system

Kang

Adepu

Jackson

et al. 2016

View full text Add to dashboard Cite

show abstract

Digital Behavioral Twins for Safe Connected Cars

Chen

Kang

Shiraishi³

et al. 2018

View full text Add to dashboard Cite

A formal approach for detection of security flaws in the android permission system

et al. 2018

View full text Add to dashboard Cite

The ever increasing expansion of mobile applications into nearly every aspect of modern life, from banking to healthcare systems, is making their security more important than ever. Modern smartphone operating systems (OS) rely substantially on the permission-based security model to enforce restrictions on the operations that each application can perform. In this paper, we perform an analysis of the permission protocol implemented in Android, a popular OS for smartphones. We propose a formal model of the Android permission protocol in Alloy, and describe a fully automatic analysis that identifies potential flaws in the protocol. A study of real-world Android applications corroborates our finding that the flaws in the Android permission protocol can have severe security implications, in some cases allowing the attacker to bypass the permission checks entirely.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Eunsuk Kang

An Approach for Effective Design Space Exploration

Synthesis of sensor deception attacks at the supervisory layer of Cyber–Physical Systems

Alloy*: A General-Purpose Higher-Order Relational Constraint Solver

Formal Modeling and Analysis of a Flash Filesystem in Alloy

Stealthy deception attacks for cyber-physical systems

Model-based security analysis of a water treatment system

Digital Behavioral Twins for Safe Connected Cars

A formal approach for detection of security flaws in the android permission system

Contact Info

Product

Resources

About