Proceedings of the 2010 workshop on New security paradigms
Conventional approaches to either information flow security or intrusion detection are not suited to detecting Trojans that steal information such as credit card numbers using advanced cryptovirological and inference channel techniques. We propose a technique based on repeated deterministic replays in a virtual machine to detect the theft of private information. We prove upper bounds on the average amount of information an attacker can steal without being detected, even if they are allowed an arbitrary distribution of visible output states. Our intrusion detection approach is more practical than traditional approaches to information flow security. We show that it is possible to, for example, bound the average amount of information an attacker can steal from a 53-bit credit card number to less than a bit by sampling only 11 of the 2^53 possible outputs visible to the attacker, using a two-pronged approach of hypothesis testing and information theory.