Precise quantitative information flow analysis— a symbolic approach

Klebanov, Vladimir

doi:10.1016/j.tcs.2014.04.022

Cited by 31 publications

(29 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Of course, QIF is a hard problem, so computational constraints may force the user to settle for merely deriving (more or less tight) leak bounds as program complexity increases. (5) The analysis outpferforms comparable previous approaches both for theoretical reasons (e.g., it avoids computationally expensive program self-composition used in [11,12,2,13]) and practically due to the use of a number of well-connected novel and existing state-of-the-art techniques and tools for propositional reasoning. Programs, states, and transition relation.…”

Section: Introductionmentioning

confidence: 94%

“…In order to maintain automation, the latter approach gives up precise computation of the leak and opts for an approximative characterization, deriving lower and upper bounds on residual min-entropy, as well as probabilistic bounds on residual Shannon entropy. A different extension based on symbolic Barvinok counting was proposed by Klebanov in [13].…”

Section: Related Workmentioning

confidence: 99%

“…No restrictions on the shape of the indistinguishability relation are posed (in contrast to [2,14,13]). The implementation supports almost all of ANSI C by virtue of using CBMC.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

SAT-Based Analysis and Quantification of Information Flow in Programs

Klebanov

Manthey

Muise

2013

Quantitative Evaluation of Systems

Self Cite

View full text Add to dashboard Cite

Abstract. Quantitative information flow analysis (QIF) is a portfolio of security techniques quantifying the flow of confidential information to public ports. In this paper, we advance the state of the art in QIF for imperative programs. We present both an abstract formulation of the analysis in terms of verification condition generation, logical projection and model counting, and an efficient concrete implementation targeting ANSI C programs. The implementation combines various novel and existing SAT-based tools for bounded model checking, # SAT solving in presence of projection, and SAT preprocessing. We evaluate the technique on synthetic and semi-realistic benchmarks.

show abstract

Section: Introductionmentioning

confidence: 94%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

SAT-Based Analysis and Quantification of Information Flow in Programs

Klebanov

Manthey

Muise

2013

Quantitative Evaluation of Systems

Self Cite

View full text Add to dashboard Cite

show abstract

“…Klebanov [13,14] has proposed efficient algorithms for exactly computing standard quantitative information flow measures of programs such as conditional (minimal) guessing entropy. The algorithms are either based on SATsolving techniques [14] or on extended Barvinok counting [22].…”

Section: Related Workmentioning

confidence: 99%

Browser Randomisation against Fingerprinting: A Quantitative Information Flow Approach

2014

View full text Add to dashboard Cite

Abstract. Web tracking companies use device fingerprinting to distinguish the users of the websites by checking the numerous properties of their machines and web browsers. One way to protect the users' privacy is to make them switch between different machine and browser configurations. We propose a formalisation of this privacy enforcement mechanism. We use information-theoretic channels to model the knowledge of the tracker and the fingerprinting program, and show how to synthesise a randomisation mechanism that defines the distribution of configurations for each user. This mechanism provides a strong guarantee of privacy (the probability of identifying the user is bounded by a given threshold) while maximising usability (the user switches to other configurations rarely). To find an optimal solution, we express the enforcement problem of randomisation by a linear program. We investigate and compare several approaches to randomisation and find that more efficient privacy enforcement would often provide lower usability. Finally, we relax the requirement of knowing the fingerprinting program in advance, by proposing a randomisation mechanism that guarantees privacy for an arbitrary program.

show abstract

“…This problem arises in many fields of computer science including artificial intelligence, program optimizations and information flow analysis [30,39]. For example, probabilistic inference problems in Bayesian networks can be solved by first representing the network as a set of propositional clauses, and then model counting the clause set to compute all the marginal probabilities [14,17,39].…”

Section: Introductionmentioning

confidence: 99%

A model counter for constraints over unbounded strings

et al. 2014

View full text Add to dashboard Cite

Model counting is the problem of determining the number of solutions that satisfy a given set of constraints. Model counting has numerous applications in the quantitative analyses of program execution time, information flow, combinatorial circuit designs as well as probabilistic reasoning. We present a new approach to model counting for structured data types, specifically strings in this work. The key ingredient is a new technique that leverages generating functions as a basic primitive for combinatorial counting. Our tool SMC which embodies this approach can model count for constraints specified in an expressive string language efficiently and precisely, thereby outperforming previous finite-size analysis tools. SMC is expressive enough to model constraints arising in realworld JavaScript applications and UNIX C utilities. We demonstrate the practical feasibility of performing quantitative analyses arising in security applications, such as determining the comparative strengths of password strength meters and determining the information leakage via side channels.

show abstract

Precise quantitative information flow analysis— a symbolic approach

Cited by 31 publications

References 10 publications

SAT-Based Analysis and Quantification of Information Flow in Programs

SAT-Based Analysis and Quantification of Information Flow in Programs

Browser Randomisation against Fingerprinting: A Quantitative Information Flow Approach

A model counter for constraints over unbounded strings

Contact Info

Product

Resources

About