Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Automatic Discovery and Quantification of Information Leaks
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
The WEKA data mining software: an update
ACM SIGKDD Explorations Newsletter
Website fingerprinting in onion routing based anonymization networks
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
A Statistical Test for Information Leaks Using Continuous Mutual Information
CSF '11 Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium
A traceability attack against e-passports
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Statistical measurement of information leakage
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
| Hi-index | 0.00 |
We present leakiEst, a tool that estimates how much information leaks from systems. To use leakiEst, an analyst must run a system with a range of secret values and record the outputs that may be exposed to an attacker. Our tool then estimates the amount of information leaked from the secret values to the observable outputs of the system. Importantly, our tool calculates the confidence intervals for these estimates, and tests whether they represent real evidence of an information leak in the system. leakiEst is freely available and has been used to verify the security of a range of real-world systems, including e-passports and Tor.