Kristopher Micinski
YOU?
Author Swipe
View article: Column-Oriented Datalog on the GPU
Column-Oriented Datalog on the GPU Open
Datalog is a logic programming language widely used in knowledge representation and reasoning (KRR), program analysis, and social media mining due to its expressiveness and high performance. Traditionally, Datalog engines use either row-or…
View article: Column-Oriented Datalog on the GPU
Column-Oriented Datalog on the GPU Open
Datalog is a logic programming language widely used in knowledge representation and reasoning (KRR), program analysis, and social media mining due to its expressiveness and high performance. Traditionally, Datalog engines use either row-or…
View article: Datalog with First-Class Facts
Datalog with First-Class Facts Open
Datalog is a popular logic programming language for deductive reasoning tasks in a wide array of applications, including business analytics, program analysis, and ontological reasoning. However, Datalog's restriction to flat facts over ato…
View article: Is Function Similarity Over-Engineered? Building a Benchmark
Is Function Similarity Over-Engineered? Building a Benchmark Open
Binary analysis is a core component of many critical security tasks, including reverse engineering, malware analysis, and vulnerability detection. Manual analysis is often time-consuming, but identifying commonly-used or previously-seen fu…
View article: Assemblage: Automatic Binary Dataset Construction for Machine Learning
Assemblage: Automatic Binary Dataset Construction for Machine Learning Open
Binary code is pervasive, and binary analysis is a key task in reverse engineering, malware classification, and vulnerability discovery. Unfortunately, while there exist large corpora of malicious binaries, obtaining high-quality corpora o…
View article: Optimizing Datalog for the GPU
Optimizing Datalog for the GPU Open
Modern Datalog engines (e.g., LogicBlox, Soufflé, ddlog) enable their users to write declarative queries which compute recursive deductions over extensional facts, leaving high-performance operationalization (query planning, semi-naïve eva…
View article: Bring Your Own Data Structures to Datalog
Bring Your Own Data Structures to Datalog Open
The restricted logic programming language Datalog has become a popular implementation target for deductive-analytic workloads including social-media analytics and program analysis. Modern Datalog engines compile Datalog rules to joins over…
View article: Higher-Order, Data-Parallel Structured Deduction
Higher-Order, Data-Parallel Structured Deduction Open
State-of-the-art Datalog engines include expressive features such as ADTs (structured heap values), stratified aggregation and negation, various primitive operations, and the opportunity for further extension using FFIs. Current paralleliz…
View article: So You Want to Analyze Scheme Programs With Datalog?
So You Want to Analyze Scheme Programs With Datalog? Open
Static analysis approximates the results of a program by examining only its syntax. For example, control-flow analysis (CFA) determines which syntactic lambdas (for functional languages) or (for object-oriented) methods may be invoked at e…
View article: Declarative Demand-Driven Reverse Engineering
Declarative Demand-Driven Reverse Engineering Open
Binary reverse engineering is a challenging task because it often necessitates reasoning using both domain-specific knowledge (e.g., understanding entrypoint idioms common to an ABI) and logical inference (e.g., reconstructing interprocedu…
View article: Declarative Demand-Driven Reverse Engineering
Declarative Demand-Driven Reverse Engineering Open
interactively, via a GUI or CLI) in a variety of ways.For example, a reverse engineer looking for a time bomb may first search for calls to the system's time function, and then walk backwards to understand whether each call is associated w…
View article: An Observational Investigation of Reverse Engineers' Processes
An Observational Investigation of Reverse Engineers' Processes Open
Reverse engineering is a complex process essential to software-security tasks such as vulnerability discovery and malware analysis. Significant research and engineering effort has gone into developing tools to support reverse engineers. Ho…
View article: An Observational Investigation of Reverse Engineers' Process and Mental Models
An Observational Investigation of Reverse Engineers' Process and Mental Models Open
Reverse engineering is a complex task essential to several software security jobs like vulnerability discovery and malware analysis. While traditional program comprehension tasks (e.g., program maintenance or debugging) have been thoroughl…
View article: Symbolic Path Tracing to Find Android Permission-Use Triggers
Symbolic Path Tracing to Find Android Permission-Use Triggers Open
Understanding whether Android apps are safe requires, among other things, knowing what dynamically triggers an app to use its permissions, and under what conditions.For example, an app might access contacts after a button click, but only i…
View article: Racets: Faceted Execution in Racket
Racets: Faceted Execution in Racket Open
Faceted Execution is a linguistic paradigm for dynamic information-flow control. Under faceted execution, secure program data is represented by faceted values: decision trees that encode how the data should appear to its owner (represented…
View article: Racets: Faceted Execution in Racket
Racets: Faceted Execution in Racket Open
Faceted Execution is a linguistic paradigm for dynamic information-flow control. Under faceted execution, secure program data is represented by faceted values: decision trees that encode how the data should appear to its owner (represented…
View article: User Interactions and Permission Use on Android
User Interactions and Permission Use on Android Open
Android and other mobile operating systems ask users for authorization before allowing apps to access sensitive resources such as contacts and location. We hypothesize that such authorization systems could be improved by becoming more inte…
View article: INTERACTION-BASED SECURITY FOR MOBILE APPS
INTERACTION-BASED SECURITY FOR MOBILE APPS Open
Mobile operating systems pervade our modern lives. Security and privacy is of particular concern on these systems, as they have access to a wide range of sensitive resources. Apps access these sensitive resources to help users perform task…
View article: Checking Interaction-Based Declassification Policies for Android Using\n Symbolic Execution
Checking Interaction-Based Declassification Policies for Android Using\n Symbolic Execution Open
Mobile apps can access a wide variety of secure information, such as contacts\nand location. However, current mobile platforms include only coarse access\ncontrol mechanisms to protect such data. In this paper, we introduce\ninteraction-ba…
View article: Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution
Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution Open
Mobile apps can access a wide variety of secure information, such as contacts and location. However, current mobile platforms include only coarse access control mechanisms to protect such data. In this paper, we introduce interaction-based…