Decomposable negation normal form
Journal of the ACM (JACM)
Modular verification of code with SAT
Proceedings of the 2006 international symposium on Software testing and analysis
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Automatic Discovery and Quantification of Information Leaks
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Tableaux for Projection Computation and Knowledge Compilation
TABLEAUX '09 Proceedings of the 18th International Conference on Automated Reasoning with Analytic Tableaux and Related Methods
Approximation and Randomization for Quantitative Information-Flow Analysis
CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Quantitative Information Flow - Verification Hardness and Possibilities
CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Quantifying information leaks in software
Proceedings of the 26th Annual Computer Security Applications Conference
Non-uniform distributions in quantitative information-flow
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Approximate quantifier elimination for propositional boolean formulae
NFM'11 Proceedings of the Third international conference on NASA Formal methods
Existential quantification as incremental SAT
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
Applied quantitative information flow and statistical databases
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Secure information flow as a safety problem
SAS'05 Proceedings of the 12th international conference on Static Analysis
sharpSAT: counting models with advanced component caching and implicit BCP
SAT'06 Proceedings of the 9th international conference on Theory and Applications of Satisfiability Testing
Calculating bounds on information leakage using two-bit patterns
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Statistical measurement of information leakage
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Coprocessor 2.0: a flexible CNF simplifier
SAT'12 Proceedings of the 15th international conference on Theory and Applications of Satisfiability Testing
Dsharp: fast d-DNNF compilation with sharpSAT
Canadian AI'12 Proceedings of the 25th Canadian conference on Advances in Artificial Intelligence
| Hi-index | 0.00 |
Quantitative information flow analysis (QIF) is a portfolio of security techniques quantifying the flow of confidential information to public ports. In this paper, we advance the state of the art in QIF for imperative programs. We present both an abstract formulation of the analysis in terms of verification condition generation, logical projection and model counting, and an efficient concrete implementation targeting ANSI C programs. The implementation combines various novel and existing SAT-based tools for bounded model checking, #SAT solving in presence of projection, and SAT preprocessing. We evaluate the technique on synthetic and semi-realistic benchmarks.