Dynamic leakage - a need for a new quantitative information flow measure

Nataliia Bielova 1
1 INDES - Secure Diffuse Programming
CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : A number of measures for quantifying information leakage of a program have been proposed. Most of these measures evaluate a program as a whole by quantifying how much information can be leaked on average by different program outputs. While these measures perfectly fit for static program analyses, they cannot be used by dynamic analyses since they do not specify what information an attacker learns through observing one concrete program output. In this paper we study the existing definitions of quantitative information flow. Our goal is to find the definition of dynamic leakage – it should evaluate how much information an attacker learns when she observes one program output. Surprisingly, we find out that none of the existing definitions provide a suitable measure for dynamic leakage. We hence open a new research question in quantitative information flow area: which definition of dynamic leakage is suitable?
Type de document :
Communication dans un congrès
Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security, Oct 2016, Vienna, Austria. pp.83-88, 2016, 〈10.1145/2993600.2993607〉
Liste complète des métadonnées

Littérature citée [21 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01409706
Contributeur : Nataliia Bielova <>
Soumis le : mardi 13 décembre 2016 - 17:03:54
Dernière modification le : jeudi 11 janvier 2018 - 16:48:03

Annexe

Identifiants

Collections

Citation

Nataliia Bielova. Dynamic leakage - a need for a new quantitative information flow measure. Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security, Oct 2016, Vienna, Austria. pp.83-88, 2016, 〈10.1145/2993600.2993607〉. 〈hal-01409706〉

Partager

Métriques

Consultations de la notice

130

Téléchargements de fichiers

26