Quantitative information flow measurement techniques have been proven to be successful in detecting leakage of confidential information from programs. Modern approaches are based on formal methods, relying on program analysis to produce a SAT formula representing the program's behavior, and model counting to measure the possible information flow. However, while program analysis scales to large codebases like the OpenSSL project, the formulas produced are too complex for analysis with precise model counting. In this paper we use the approximate model counter ApproxMC2 to quantify information flow. We show that ApproxMC2 is able to provide a large performance increase for a very small loss of precision, allowing the analysis of SAT formulas p...
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer...
We present a new technique for determining how much information abouta program's secret inputs is re...
Noninterference, a strong security property for a computation process, informally says that the proc...
Quantitative information flow measurement techniques have been proven to be successful in detecting ...
A common attack point in a program is the input exposed to the user. The adversary crafts a maliciou...
acmid: 2632367 keywords: Model Counting, Quantitative Information Flow, Reliability Analysis, Symbol...
acmid: 2590328 keywords: model checking, quantitative information flow, satisfiability modulo theori...
PhDUnprecedented quantities of personal and business data are collected, stored, shared, and proces...
We report on our work-in-progress into the use of reliabil-ity analysis to quantify information leak...
International audienceQualitative information flow aims at detecting information leaks, whereas the ...
A confidential program should not allow any information about its secret inputs to be inferred from ...
This thesis contributes to the field of language-based information flow analysis with a focus on det...
We present a novel method for Quantitative Information Flow analysis. We show how the problem of com...
acmid: 2382791 issue_date: November 2012 keywords: algorithms, security, verification numpages: 5acm...
Information-flow analysis is a powerful technique for rea-soning about the sensitive information exp...
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer...
We present a new technique for determining how much information abouta program's secret inputs is re...
Noninterference, a strong security property for a computation process, informally says that the proc...
Quantitative information flow measurement techniques have been proven to be successful in detecting ...
A common attack point in a program is the input exposed to the user. The adversary crafts a maliciou...
acmid: 2632367 keywords: Model Counting, Quantitative Information Flow, Reliability Analysis, Symbol...
acmid: 2590328 keywords: model checking, quantitative information flow, satisfiability modulo theori...
PhDUnprecedented quantities of personal and business data are collected, stored, shared, and proces...
We report on our work-in-progress into the use of reliabil-ity analysis to quantify information leak...
International audienceQualitative information flow aims at detecting information leaks, whereas the ...
A confidential program should not allow any information about its secret inputs to be inferred from ...
This thesis contributes to the field of language-based information flow analysis with a focus on det...
We present a novel method for Quantitative Information Flow analysis. We show how the problem of com...
acmid: 2382791 issue_date: November 2012 keywords: algorithms, security, verification numpages: 5acm...
Information-flow analysis is a powerful technique for rea-soning about the sensitive information exp...
Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer...
We present a new technique for determining how much information abouta program's secret inputs is re...
Noninterference, a strong security property for a computation process, informally says that the proc...