Precise Quantitative Information Flow Analysis Using Symbolic Model Counting
نویسنده
چکیده
Quantitative information flow analyses (QIF) are a class of techniques for measuring the amount of confidential information leaked by a program to its public outputs. QIF analyses can be approximative or precise, offering different trade-offs. In this paper, we lift a particular limitation of precise QIF. We show how symbolic model counting replaces explicit leak enumeration with symbolic computation, thus eliminating the associated bottleneck.
منابع مشابه
Precise quantitative information flow analysis - a symbolic approach
Quantitative information flow analysis (QIF) is a portfolio of software security assessment techniques measuring the amount of confidential information leaked by a program to its public outputs. In this paper, we extend the scope of precise QIF for deterministic imperative programs where information flow can be described with linear integer arithmetic. We propose two novel QIF analyses that pre...
متن کاملProbabilistic Analysis Based On Symbolic Game Semantics and Model Counting
Probabilistic program analysis aims to quantify the probability that a given program satisfies a required property. It has many potential applications, from program understanding and debugging to computing program reliability, compiler optimizations and quantitative information flow analysis for security. In these situations, it is usually more relevant to quantify the probability of satisfying...
متن کاملModel Counting Modulo Theories
This thesis is concerned with the quantitative assessment of security in software. More specifically, it tackles the problem of efficient computation of channel capacity, the maximum amount of confidential information leaked by software, measured in Shannon entropy or Rényi’s min-entropy. Most approaches to computing channel capacity are either efficient and return only (possibly very loose) up...
متن کاملDetection and Exploitation of Information Flow Leaks
This thesis contributes to the field of language-based information flow analysis with a focus on detection and exploitation of information flow leaks in programs. To achieve this goal, this thesis presents a number of precise semi-automatic approaches that allow one to detect, exploit and judge the severity of information flow leaks in programs. The first part of the thesis develops an approach...
متن کاملMagnetic fingerprints of rolling cells for quantitative flow cytometry in whole blood
Over the past 50 years, flow cytometry has had a profound impact on preclinical and clinical applications requiring single cell function information for counting, sub-typing and quantification of epitope expression. At the same time, the workflow complexity and high costs of such optical systems still limit flow cytometry applications to specialized laboratories. Here, we present a quantitative...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012