What’s the Over/Under? Probabilistic Bounds on Information Leakage
| Autor: | Stephen Magill, Ian Sweet, Chad Scherrer, Michael Hicks, José Manuel Calderón Trilla |
|---|---|
| Rok vydání: | 2018 |
| Předmět: |
Computer science
Computation Probabilistic logic ComputerApplications_COMPUTERSINOTHERSYSTEMS 020207 software engineering 0102 computer and information sciences 02 engineering and technology Abstract interpretation Symbolic execution 01 natural sciences Polyhedron 010201 computation theory & mathematics Information leakage Scalability 0202 electrical engineering electronic engineering information engineering Leakage (economics) Algorithm |
| Zdroj: | Lecture Notes in Computer Science ISBN: 9783319897219 POST |
| DOI: | 10.1007/978-3-319-89722-6_1 |
| Popis: | Quantitative information flow (QIF) is concerned with measuring how much of a secret is leaked to an adversary who observes the result of a computation that uses it. Prior work has shown that QIF techniques based on abstract interpretation with probabilistic polyhedra can be used to analyze the worst-case leakage of a query, on-line, to determine whether that query can be safely answered. While this approach can provide precise estimates, it does not scale well. This paper shows how to solve the scalability problem by augmenting the baseline technique with sampling and symbolic execution. We prove that our approach never underestimates a query’s leakage (it is sound), and detailed experimental results show that we can match the precision of the baseline technique but with orders of magnitude better performance. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|