Verifying Observational Determinism

Karimpour, Jaber; Isazadeh, Ayaz; Noroozi, Ali A.

doi:10.1007/978-3-319-18467-8_6

Cited by 6 publications

(4 citation statements)

References 24 publications

(37 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We believe the applicability of the algorithm can be extended and it can be used to verify many security properties, such as strong security [6] and probabilistic noninterference [6]. In an earlier paper [31], we used a similar algorithm to verify observational determinism.…”

Section: Discussionmentioning

confidence: 99%

Verifying Weak Probabilistic Noninterference

Noroozi¹,

Karimpour²,

Isazadeh³

et al. 2017

ijacsa

Self Cite

View full text Add to dashboard Cite

Abstract-Weak probabilistic noninterference is a security property for enforcing confidentiality in multi-threaded programs. It aims to guarantee secure flow of information in the program and ensure that sensitive information does not leak to attackers. In this paper, the problem of verifying weak probabilistic noninterference by leveraging formal methods, in particular algorithmic verification, is discussed. Behavior of multi-threaded programs is modeled using probabilistic Kripke structures and formalize weak probabilistic noninterference in terms of these structures. Then, a verification algorithm is proposed to check weak probabilistic noninterference. The algorithm uses an abstraction technique to compute quotient space of the program with respect to an equivalence relation called weak probabilistic bisimulation and does a simple check to decide whether the security property is satisfied or not. The progress made is demonstrated by a real-world case study. It is expected that the proposed approach constitutes a significant step towards more widely applicable secure information flow analysis.

show abstract

Section: Discussionmentioning

confidence: 99%

Verifying Weak Probabilistic Noninterference

Noroozi¹,

Karimpour²,

Isazadeh³

et al. 2017

ijacsa

Self Cite

View full text Add to dashboard Cite

show abstract

“…The paper works out the theoretical foundations of hyperproperties and contrasts them to classical trace properties. Traditionally, hyperproperties were formulated and used in a case by case fashion, see for example [41,45,53].…”

Section: Hyperpropertiesmentioning

confidence: 99%

Mutation testing with hyperproperties

2021

View full text Add to dashboard Cite

We present a new method for model-based mutation-driven test case generation. Mutants are generated by making small syntactical modifications to the model or source code of the system under test. A test case kills a mutant if the behavior of the mutant deviates from the original system when running the test. In this work, we use hyperproperties—which allow to express relations between multiple executions—to formalize different notions of killing for both deterministic as well as non-deterministic models. The resulting hyperproperties are universal in the sense that they apply to arbitrary reactive models and mutants. Moreover, an off-the-shelf model checking tool for hyperproperties can be used to generate test cases. Furthermore, we propose solutions to overcome the limitations of current model checking tools via a model transformation and a bounded SMT encoding. We evaluate our approach on a number of models expressed in two different modeling languages by generating tests using a state-of-the-art mutation testing tool.

show abstract

“…Probabilistic noninterference [ 28 , 29 , 30 ] and observational determinism [ 10 , 31 , 32 , 33 , 34 , 35 ] have been used as information flow properties to characterize the security of concurrent programs. For verifying these security properties, type systems [ 28 , 29 , 31 , 32 ], algorithmic verification [ 10 , 30 , 33 , 34 ], program analysis [ 35 ], and logics [ 36 , 37 , 38 ] have been utilized. In qualitative information flow, the security property gets rejected when there is a leakage, even a minor one.…”

Section: Related Workmentioning

confidence: 99%

Channel Capacity of Concurrent Probabilistic Programs

Salehi

Karimpour

Izadkhah

et al. 2019

Entropy

Self Cite

View full text Add to dashboard Cite

Programs are under continuous attack for disclosing secret information, and defending against these attacks is becoming increasingly vital. An attractive approach for protection is to measure the amount of secret information that might leak to attackers. A fundamental issue in computing information leakage is that given a program and attackers with various knowledge of the secret information, what is the maximum amount of leakage of the program? This is called channel capacity. In this paper, two notions of capacity are defined for concurrent probabilistic programs using information theory. These definitions consider intermediate leakage and the scheduler effect. These capacities are computed by a constrained nonlinear optimization problem. Therefore, an evolutionary algorithm is proposed to compute the capacities. Single preference voting and dining cryptographers protocols are analyzed as case studies to show how the proposed approach can automatically compute the capacities. The results demonstrate that there are attackers who can learn the whole secret of both the single preference protocol and dining cryptographers protocol. The proposed evolutionary algorithm is a general approach for computing any type of capacity in any kind of program.

show abstract

Verifying Observational Determinism

Cited by 6 publications

References 24 publications

Verifying Weak Probabilistic Noninterference

Verifying Weak Probabilistic Noninterference

Mutation testing with hyperproperties

Channel Capacity of Concurrent Probabilistic Programs

Contact Info

Product

Resources

About