Super Brief Introduction

SUSHI is yet another string constraint solver. It handles various regular replacement semantics, such as greedy, reluctant, and declarative substitution. It's a nice tool for automatic and manual security analysis of sanitization procedures employed by web applications (e.g., to defend against SQL injection and Cross Site Scripting attacks).
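Why the replacement semantics matters when analysing a sanitizer, as an added example (not SUSHI code and not its API): the same pattern body gives different outputs under greedy and reluctant matching, and a bounded brute-force check over a toy alphabet shows which sanitizers can still emit a forbidden string. The patterns, the alphabet "<a>" and all function names are constructed for illustration; declarative semantics is not covered.

```python
import re
from itertools import product

# Constructed sanitizers: each strips matches in a single left-to-right pass.
GREEDY = re.compile(r"<.*>")      # greedy: longest span from the first "<"
RELUCTANT = re.compile(r"<.*?>")  # reluctant: shortest span from each "<"
LITERAL = re.compile(r"<a>")      # fixed-string removal, for contrast
FORBIDDEN = re.compile(r"<a>")    # what the sanitized output must never contain

def sanitize(rx, text):
    """Replace every non-overlapping match of rx with the empty string."""
    return rx.sub("", text)

def _inputs(alphabet, max_len):
    """All strings over alphabet up to max_len, shortest first."""
    for n in range(max_len + 1):
        for chars in product(alphabet, repeat=n):
            yield "".join(chars)

def first_divergence(alphabet, max_len):
    """Shortest input on which greedy and reluctant replacement disagree."""
    for s in _inputs(alphabet, max_len):
        if sanitize(GREEDY, s) != sanitize(RELUCTANT, s):
            return s
    return None

def residual_inputs(rx, alphabet, max_len):
    """Inputs whose sanitized output still matches FORBIDDEN (bounded check)."""
    return [s for s in _inputs(alphabet, max_len)
            if FORBIDDEN.search(sanitize(rx, s))]

if __name__ == "__main__":
    sample = "x<b>y</b>z"  # constructed input
    print(sanitize(GREEDY, sample), sanitize(RELUCTANT, sample))
    print(first_divergence("<a>", 4))
    for name, rx in [("greedy", GREEDY), ("reluctant", RELUCTANT),
                     ("literal", LITERAL)]:
        print(name, residual_inputs(rx, "<a>", 6))
```

The enumeration only covers inputs up to the chosen length, so an empty result is evidence within that bound, not a proof.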

SUSHI can be used as a stand-alone module. You can link it to your tools at will.

Installation has been tested only on Windows XP + Cygwin. To save trouble during installation, it might be convenient to extract the whole project under "c:\Xiang\Research\Projects\SAFELI\SUSHI". You might need to set up the library path of NetBeans correspondingly. Sorry - some of the file paths are hard coded in the library - we'll improve the portability in the next release of the tool.

The unit test cases shipped with the tool are the best way to learn how to use it.

The algorithm of the tool is described in our NFM10 and SEKE10 papers. Check publications for details.

The latest version includes support for the Kaluza string constraint solver input format. The SUSHI solver has been enhanced with support for solving equation sets and various transformation techniques. See our latest technical report "Simple Linear String Constraints" for details.

We provide a VirtualBox image to ease the pain of installation. To run the VirtualBox image, you need VirtualBox 2.0.4. After installation, open NetBeans for the source code. To run the comparative performance study against Kaluza, run "java sushi.PaperData.FAC_Data".

Tool Download

Click here to download the primitive version.

Acknowledgement: SUSHI uses dk.brics.automaton from http://www.brics.dk/automaton/doc/index.html for manipulating finite state machines.