Information leakage analysis by abstract interpretation

Authors:
Matteo Zanioli;Agostino Cortesi
Affiliations:
Università Ca' Foscari Venezia and Université Paris Diderot, Paris 7;Università Ca' Foscari Venezia
Venue:
SOFSEM'11 Proceedings of the 37th international conference on Current trends in theory and practice of computer science
Year:
2011

Citing 10
Cited 1

A sound type system for secure flow analysis

Journal of Computer Security
A lattice model of secure information flow

Communications of the ACM
Automatic discovery of linear restraints among variables of a program

POPL '78 Proceedings of the 5th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Systematic design of program analysis frameworks

POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Static Analysis for Secrecy and Non-interference in Networks of Processes

PaCT '01 Proceedings of the 6th International Conference on Parallel Computing Technologies
Abstract non-interference: parameterizing non-interference by abstract interpretation

Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow security in Boundary Ambients

Information and Computation
The Parma Polyhedra Library: Toward a complete set of numerical abstractions for the analysis and verification of hardware and software systems

Science of Computer Programming
Type-based analysis of PIN processing APIs

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Information flow analysis for VHDL

PaCT'05 Proceedings of the 8th international conference on Parallel Computing Technologies

SAILS: static analysis of information leakage with sample

Proceedings of the 27th Annual ACM Symposium on Applied Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Protecting the confidentiality of information stored in a computer system or transmitted over a public network is a relevant problem in computer security. The approach of information flow analysis involves performing a static analysis of the program with the aim of proving that there will not be leaks of sensitive information. In this paper we propose a new domain that combines variable dependency analysis, based on propositional formulas, and variables' value analysis, based on polyhedra. The resulting analysis is strictly more accurate than the state of the art abstract interpretation based analyses for information leakage detection. Its modular construction allows to deal with the tradeoff between efficiency and accuracy by tuning the granularity of the abstraction and the complexity of the abstract operators.