SAT-Based Analysis and Quantification of Information Flow in Programs

  • Vladimir Klebanov
  • Norbert Manthey
  • Christian Muise
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8054)

Abstract

Quantitative information flow analysis (QIF) is a portfolio of security techniques quantifying the flow of confidential information to public ports. In this paper, we advance the state of the art in QIF for imperative programs. We present both an abstract formulation of the analysis in terms of verification condition generation, logical projection and model counting, and an efficient concrete implementation targeting ANSI C programs. The implementation combines various novel and existing SAT-based tools for bounded model checking, #SAT solving in presence of projection, and SAT preprocessing. We evaluate the technique on synthetic and semi-realistic benchmarks.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Backes, M., Berg, M., Köpf, B.: Non-uniform distributions in quantitative information-flow. In: ASIACCS 2011, pp. 367–375. ACM (2011)Google Scholar
  2. 2.
    Backes, M., Köpf, B., Rybalchenko, A.: Automatic discovery and quantification of information leaks. In: S&P 2009, pp. 141–153. IEEE Computer Society (2009)Google Scholar
  3. 3.
    Brauer, J., King, A.: Approximate quantifier elimination for propositional boolean formulae. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 73–88. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  4. 4.
    Brauer, J., King, A., Kriener, J.: Existential quantification as incremental SAT. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 191–207. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  5. 5.
    Chatzikokolakis, K., Chothia, T., Guha, A.: Statistical measurement of information leakage. In: Esparza, J., Majumdar, R. (eds.) TACAS 2010. LNCS, vol. 6015, pp. 390–404. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  6. 6.
    Clarke, E., Kroning, D., Lerda, F.: A tool for checking ANSI-C programs. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 168–176. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Darwiche, A.: Decomposable negation normal form. J. ACM 48(4), 608–647 (2001)MathSciNetMATHCrossRefGoogle Scholar
  8. 8.
    Dennis, G., Chang, F.S.-H., Jackson, D.: Modular verification of code with SAT. In: ISSTA 2006, pp. 109–120. ACM (2006)Google Scholar
  9. 9.
    Eén, N., Sörensson, N.: An extensible SAT-solver. In: Giunchiglia, E., Tacchella, A. (eds.) SAT 2003. LNCS, vol. 2919, pp. 502–518. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Guo, Q., Sang, J., He, Y.-M.: Effective preprocessing in #SAT. In: ICMV 2011. SPIE (2011)Google Scholar
  11. 11.
    Heusser, J., Malacaria, P.: Applied quantitative information flow and statistical databases. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 96–110. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Heusser, J., Malacaria, P.: Quantifying information leaks in software. In: ACSAC 2010, pp. 261–269. ACM (2010)Google Scholar
  13. 13.
    Klebanov, V.: Precise quantitative information flow analysis using symbolic model counting. In: Martinelli, F., Nielson, F. (eds.) Proceedings of the International Workshop on Quantitative Aspects in Security Assurance, QASA (2012)Google Scholar
  14. 14.
    Köpf, B., Rybalchenko, A.: Approximation and randomization for quantitative information-flow analysis. In: CSF 2010, pp. 3–14. IEEE Computer Society, Washington, DC (2010)Google Scholar
  15. 15.
    Manthey, N.: Coprocessor 2.0 – A flexible CNF simplifier. In: Cimatti, A., Sebastiani, R. (eds.) SAT 2012. LNCS, vol. 7317, pp. 436–441. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  16. 16.
    Manthey, N., Heule, M.J.H., Biere, A.: Automated reencoding of boolean formulas. In: Proceedings of Haifa Verification Conference 2012 (2012)Google Scholar
  17. 17.
    McCamant, S., Ernst, M.D.: Quantitative information flow as network flow capacity. In: PLDI 2008, pp. 193–205. ACM (2008)Google Scholar
  18. 18.
    Meng, Z., Smith, G.: Calculating bounds on information leakage using two-bit patterns. In: PLAS 2011, pp. 1–12. ACM (2011)Google Scholar
  19. 19.
    Mu, C.: Quantitative information flow for security: a survey. Technical Report TR-08-06, Department of Computer Science, King’s College London (2008), http://www.dcs.kcl.ac.uk/technical-reports/papers/TR-08-06.pdf (updated 2010)
  20. 20.
    Muise, C., McIlraith, S.A., Beck, J.C., Hsu, E.I.: Dsharp: Fast d-DNNF compilation with sharpSAT. In: Kosseim, L., Inkpen, D. (eds.) Canadian AI 2012. LNCS, vol. 7310, pp. 356–361. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  21. 21.
    Newsome, J., McCamant, S., Song, D.: Measuring channel capacity to distinguish undue influence. In: PLAS 2009, pp. 73–85. ACM, New York (2009)Google Scholar
  22. 22.
    Phan, Q.-S., Malacaria, P., Tkachuk, O., Păsăreanu, C.S.: Symbolic quantitative information flow. In: Mehlitz, P., Rungta, N., Visser, W. (eds.) Proceedings, Java Pathfinder Workshop, pp. 1–5 (2012)Google Scholar
  23. 23.
    Smith, G.: On the foundations of quantitative information flow. In: de Alfaro, L. (ed.) FOSSACS 2009. LNCS, vol. 5504, pp. 288–302. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  24. 24.
    Terauchi, T., Aiken, A.: Secure information flow as a safety problem. In: Hankin, C., Siveroni, I. (eds.) SAS 2005. LNCS, vol. 3672, pp. 352–367. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  25. 25.
    Thurley, M.: sharpSAT – counting models with advanced component caching and implicit BCP. In: Biere, A., Gomes, C.P. (eds.) SAT 2006. LNCS, vol. 4121, pp. 424–429. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  26. 26.
    Wernhard, C.: Tableaux for projection computation and knowledge compilation. In: Giese, M., Waaler, A. (eds.) TABLEAUX 2009. LNCS (LNAI), vol. 5607, pp. 325–340. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  27. 27.
    Yasuoka, H., Terauchi, T.: Quantitative information flow – verification hardness and possibilities. In: CSF 2010, pp. 15–27. IEEE Computer Society (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Vladimir Klebanov
    • 1
  • Norbert Manthey
    • 2
  • Christian Muise
    • 3
  1. 1.Karlsruhe Institute of Technology (KIT)KarlsruheGermany
  2. 2.Knowledge Representation and Reasoning GroupTechnische Universität DresdenDresdenGermany
  3. 3.Department of Computer ScienceUniversity of TorontoTorontoCanada

Personalised recommendations