Abstract
Unlike information, behaviors cannot be encrypted and may instead be protected by providing covers that generate indistinguishable observations from behaviors needed to be kept secret. Such a scheme may still leak information about secrets due to statistical difference between the occurrence probabilities of the secrets and their covers. Jensen-Shannon Divergence (JSD) is a possible means of quantifying statistical difference between two distributions and can be used to measure such information leak as is presented in this chapter. Using JSD, we quantify loss of secrecy in stochastic partially-observed discrete event systems in two settings: (i) the centralized setting, corresponding to a single attacker/observer, and (ii) the distributed collusive setting, corresponding to multiple attackers/observers, exchanging their observed information. In the centralized case, an observer structure is formed and used to aide the computation of JSD, in the limit, as the length of observations approach infinity to quantify the worst case loss of secrecy. In the distributed collusive case, channel models are introduced to extend the system model to capture the effect of exchange of observations, that allows the JSD computation of the centralized case to be applied over the extended model to measure the distributed secrecy loss.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Backes, M., Köpf, B., Rybalchenko, A.: Automatic discovery and quantification of information leaks. In: Proceedings of 30th IEEE Symposium on Security and Privacy, pp. 141–153, Washington, DC, 2009
Bryans, J., Koutny, M., Mu, C.: Towards quantitative analysis of opacity. Technical Reports Series, Newcastle University (2011)
Chen, J., Ibrahim, M., Kumar, R.: Quantification of secrecy in partially observed stochastic discrete event systems. IEEE Trans. Autom. Sci. Eng. (accepted (Sept. 2015))
Chen, J., Kumar, R.: Failure detection framework for stochastic discrete event systems with guaranteed error bounds. IEEE Trans. Autom. Control 60(6), 1542–1553 (2015)
Christian, S., Collberg, C.T.: Watermarking, tamper-proofing, and obfuscation-tools for software protection. IEEE Trans. Softw. Eng. 28(8), 735–746 (2002)
Cover, T.M., Thomas, J.A.: Elements of information theory. Wiley, New York (2012)
Daemen, J., Rijmen, V.: Aes proposal: Rijndael, version 2, aes submission (1999)
Espinoza, B., Smith, G.: Min-entropy as a resource. Inf. Comput. 226, 57–75 (2013)
Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: IEEE 54th Annual Symposium on Foundations of Computer Science (FOCS’ 2013), pp. 40–49, Berkeley, CA, 2013
Garg, V.K., Kumar, R., Marcus, S.I.: A probabilistic language formalism for stochastic discrete-event systems 44(2), 280–293 (1999)
Ibrahim, M., Chen, J., Kumar, R.: Secrecy in stochastic discrete event systems. In: Proceedings of 11th IEEE International Conference on Networking, Sensing and Control (ICNSC’14), pp. 48–53. Miami, FL, 2014
Ibrahim, M., Chen, J., Kumar, R.: An information theoretic measure for secrecy loss in stochastic discrete event systems. In: Proceedings of the 7th International Conference on Electronics, Computers and Artificial Intelligence (ECAI’15), pp. 1–6, Bucharest, 2015
Jacob, R., Lesage, J.J., Faure, J.M.: Opacity of discrete event systems: models, validation and quantification. In: Proceedings of the 5th International Workshop on Dependable Control of Discrete Systems (DCDS’15), hal-01139890, Cancun, Mexico, 2015
Kaijser, T.: A limit theorem for partially observed markov chains. Ann. Prob. 3(4), 677–696 (1975)
Kak, A.: Aes: Lecture notes in computer and network security (2015). Purdue University, https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture8.pdf. Accessed 1 May 2015
Kundur, D., Ahsan, K.: Practical internet steganography: Data hiding in ip. In: Proceedings of Texas Workshop on Security of Information Systems, College Station, Texas, 2003
Qiu, W., Kumar, R.: Distributed diagnosis under bounded-delay communication of immediately forwarded local observations. IEEE Trans. Syst. Man Cybern. Part A: Syst. Humans (2008)
Ren, J., Wu, J.: Survey on anonymous communications in computer networks. Comput. Commun. 33, 420–431 (2010)
Saboori, A., Hadjicostis, C.N.: Opacity verification in stochastic discrete event systems. In: Proceedings of 49th IEEE Conference on Decision and Control, pp. 6759–6764, Atlanta, GA, 2010
Saboori, A., Hadjicostis, C.N.: Probabilistic current-state opacity is undecidable. In: Proceedings of 19th International Symposium on Mathematical Theory Network and Systems (MTNS ’2010), pp. 477–483, Budapest, Hungary, 2010
Smith, G.: On the foundations of quantitative information flow. In: Proceedings of International Conference on Foundations of Software Science and Computation Structures (FoSSaCS 09), pp. 288–302, 2009
Takai, S., Kumar, R.: Verification and synthesis for secrecy in discrete-event systems. In: Proceedings of IEEE American Control Conference, (ACC ’09), pp. 4741–4746, St. Louis, MO, 2009
Wang, X., Ray, A.: A language measure for performance evaluation of discrete-event supervisory control systems. Appl. Math. Model. 28(9), 817–833 (2004)
Xie, A., Beerel, P.A.: Efficient state classification of finite-state Markov chains. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 17(12), 1334–1339 (1998)
Zhang, T., Lee, R.B.: Secure cache modeling for measuring side-channel leakage. Technical Report, Princeton University (2014)
Acknowledgments
This research was supported in part by Security and Software Engineering Research Center (S2ERC), and the National Science Foundation under the grants NSF-CCF-1331390 and NSF-ECCS 1509420.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix
Appendix
In this appendix, we describe the computation of an observer transition structure that can be used to track the evolution of \(G^{R}\) over its observed symbols \(\varDelta\), and the associated transition matrices \(\{ \varTheta (\delta )|\delta \in \varDelta \}\). Given the refined system model \(G^{R}\), and its observation mask \(M:\overline{\varSigma } \to \overline{\varDelta }\), define the set of traces originating at \((x,\bar{y})\), terminating at \((x^{\prime } ,\bar{y}^{\prime } )\) and executing a sequence of unobservable events followed by a single observable event with observation \(\delta\) as \(L_{{G^{R} }} ((x,\bar{y}),\delta ,(x^{\prime } ,\bar{y}^{\prime } ))\) \(: = \{ s \in \varSigma^{*} |s = u\sigma ,\) \(M(u) = \varepsilon ,M(\sigma ) = \delta ,\) \(\gamma ((x,\bar{y}),s,(x^{\prime } ,\bar{y}^{\prime } )) > 0\}\). Define its probability, \(\alpha (L_{{G^{R} }} ((x,\bar{y}),\delta ,(x^{\prime } ,\bar{y}^{\prime } )))\) \(: = \sum\nolimits_{{s \in L_{{G^{R} }} ((x,\bar{y}),\delta ,(x^{\prime } ,\bar{y}^{\prime } ))}} {\gamma ((x,\bar{y}),s,(x^{\prime } ,\bar{y}^{\prime } ))}\), and denote it as \(\theta_{{(x,\bar{y}),\delta ,(x^{\prime } ,\bar{y}^{\prime } )}}\). Also, define \(\lambda_{ij} = \sum\nolimits_{{\sigma \in \varSigma_{uo} }} {\gamma (i,\sigma ,j)}\) as the probability of transitioning from \((x,\bar{y})\) to \((x^{\prime } ,\bar{y}^{\prime } )\) while executing a single unobservable event. Then, letting \(i = (x,\bar{y})\) and \(j = (x^{\prime } ,\bar{y}^{\prime } )\), \(\theta_{i,\delta ,j} = \sum\nolimits_{k} {\lambda_{ik} \theta_{k,\delta ,j} + \sum\nolimits_{\sigma \in \varSigma :M(\sigma ) = \delta } {(i,\sigma ,j)} }\), where the first term on the right hand side (RHS) corresponds to transitioning in at least two steps (i to intermediate k unobservably, and k to j with a single observation \(\delta\) at the end), whereas the second term on RHS corresponds to transitioning in exactly one step [3, 12]. Thus, for each \(\delta \in \varDelta\), all the probabilities \(\{ \theta_{i,\delta ,j} |i,j \in X \times \overline{Y} \}\) can be found by solving the following matrix equation [23]: \(\varTheta (\delta ) = \varLambda \varTheta (\delta ) + \varGamma (\delta ),\) where \(\varTheta (\delta ),\varLambda\) and \(\varGamma (\delta )\) are all \(|X \times \overline{Y} | \times |X \times \overline{Y} |\) square matrices whose \(ij{th}\) elements are given by \(\theta_{i,\delta ,j} ,\lambda_{ij}\) and \(\sum\nolimits_{\sigma \in \varSigma :M(\sigma ) = \delta } {\gamma ((x,\bar{y}),\sigma ,(x^{\prime } ,\bar{y}^{\prime } ))}\), respectively.
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Ibrahim, M., Chen, J., Kumar, R. (2016). Quantification of Centralized/Distributed Secrecy in Stochastic Discrete Event Systems. In: Pricop, E., Stamatescu, G. (eds) Recent Advances in Systems Safety and Security. Studies in Systems, Decision and Control, vol 62. Springer, Cham. https://doi.org/10.1007/978-3-319-32525-5_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-32525-5_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-32523-1
Online ISBN: 978-3-319-32525-5
eBook Packages: EngineeringEngineering (R0)