Information Leakage by Trace Analysis in QUAIL

Fabrizio Biondi 1 Jean Quilbeuf 1 Axel Legay 1
1 ESTASYS - Efficient STAtistical methods in SYstems of systems
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : Quantitative security techniques have been proven effective to measure the security of systems against various types of attackers. However, such tech-niques are based on computing exponentially large channel matrices or Markov chains, making them impractical for large programs. We propose a different ap-proach based on abstract trace analysis. By analyzing directly sets of execution traces of the program and computing security measures on the results, we are able to scale down the exponential cost of the problem. Also, we are able to appy statistical simulation techniques, allowing us to obtain significant results even without exploring the full space of traces. We have implemented the resulting algorithms in the QUAIL tool. We compare their effectiveness against the state of the art LeakWatch tool on two case studies: privacy of user consumption in smart grid systems and anonymity of voters in different voting schemes.
Liste complète des métadonnées

Cited literature [21 references]  Display  Hide  Download

https://hal.inria.fr/hal-01088208
Contributor : Fabrizio Biondi <>
Submitted on : Thursday, November 27, 2014 - 4:03:30 PM
Last modification on : Friday, November 16, 2018 - 1:39:29 AM
Document(s) archivé(s) le : Friday, April 14, 2017 - 9:59:23 PM

File

main.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01088208, version 1

Citation

Fabrizio Biondi, Jean Quilbeuf, Axel Legay. Information Leakage by Trace Analysis in QUAIL. 2014. ⟨hal-01088208⟩

Share

Metrics

Record views

374

Files downloads

174