Assume-Guarantee Model Checking of Software: A Comparative Case Study
Proceedings of the 5th and 6th International SPIN Workshops on Theoretical and Practical Aspects of SPIN Model Checking
Secure Information Flow by Self-Composition
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Quantitative Information Flow, Relations and Polymorphic Types
Journal of Logic and Computation
Model Checking An Entire Linux Distribution for Security Violations
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Assessing security threats of looping constructs
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A static analysis for quantifying information flow in a simple imperative language
Journal of Computer Security
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Lagrange multipliers and maximum information leakage in different observational models
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Automatic Discovery and Quantification of Information Leaks
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Approximation and Randomization for Quantitative Information-Flow Analysis
CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Quantitative Information Flow - Verification Hardness and Possibilities
CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Information theory and security: quantitative information flow
SFM'10 Proceedings of the Formal methods for quantitative aspects of programming languages, and 10th international conference on School on formal methods for the design of computer, communication and software systems
Applied quantitative information flow and statistical databases
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Secure information flow as a safety problem
SAS'05 Proceedings of the 12th international conference on Static Analysis
Non-uniform distributions in quantitative information-flow
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Squeeziness: An information theoretic measure for avoiding fault masking
Information Processing Letters
Calculating bounds on information leakage using two-bit patterns
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Automatic quantification of cache side-channels
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Quantitative program dependence graphs
ICFEM'12 Proceedings of the 14th international conference on Formal Engineering Methods: formal methods and software engineering
SAT-Based analysis and quantification of information flow in programs
QEST'13 Proceedings of the 10th international conference on Quantitative Evaluation of Systems
CacheAudit: a tool for the static analysis of cache side channels
SEC'13 Proceedings of the 22nd USENIX conference on Security
HIPimm: verifying granular immutability guarantees
Proceedings of the ACM SIGPLAN 2014 Workshop on Partial Evaluation and Program Manipulation
On bounding problems of quantitative information flow
Journal of Computer Security - ESORICS 2010
| Hi-index | 0.00 |
Leakage of confidential information represents a serious security risk. Despite a number of novel, theoretical advances, it has been unclear if and how quantitative approaches to measuring leakage of confidential information could be applied to substantial, real-world programs. This is mostly due to the high complexity of computing precise leakage quantities. In this paper, we introduce a technique which makes it possible to decide if a program conforms to a quantitative policy which scales to large state-spaces with the help of bounded model checking. Our technique is applied to a number of officially reported information leak vulnerabilities in the Linux Kernel. Additionally, we also analysed authentication routines in the Secure Remote Password suite and of a Internet Message Support Protocol implementation. Our technique shows when there is unacceptable leakage; the same technique is also used to verify, for the first time, that the applied software patches indeed plug the information leaks. This is the first demonstration of quantitative information flow addressing security concerns of real-world industrial programs.