Abstract
Programs that process secret data may inadvertently reveal information about those secrets in their publicly-observable output. This paper presents LeakWatch, a quantitative information leakage analysis tool for the Java programming language; it is based on a flexible “point-to-point” information leakage model, where secret and publicly-observable data may occur at any time during a program’s execution. LeakWatch repeatedly executes a Java program containing both secret and publicly-observable data and uses robust statistical techniques to provide estimates, with confidence intervals, for min-entropy leakage (using a new theoretical result presented in this paper) and mutual information.We demonstrate how LeakWatch can be used to estimate the size of information leaks in a range of real-world Java programs.
Chapter PDF
Similar content being viewed by others
Keywords
References
Shannon, C.E.: A Mathematical Theory of Communication. Bell System Technical Journal 27(3), 379–423 (1948)
Smith, G.: On the Foundations of Quantitative Information Flow. In: de Alfaro, L. (ed.) FOSSACS 2009. LNCS, vol. 5504, pp. 288–302. Springer, Heidelberg (2009)
Smith, G.: Quantifying Information Flow Using Min-Entropy. In: Proc. of the 8th Conference on Quantitative Evaluation of Systems (QEST 2011), pp. 159–167 (2011)
Chothia, T., Kawamoto, Y., Novakovic, C., Parker, D.: Probabilistic Point-to-Point Information Leakage. In: Proc. of the 26th IEEE Computer Security Foundations Symposium (CSF 2013), pp. 193–205. IEEE Computer Society (June 2013)
Moddemeijer, R.: On estimation of entropy and mutual information of continuous distributions. Signal Processing 16, 233–248 (1989)
Brillinger, D.R.: Some data analysis using mutual information. Brazilian Journal of Probability and Statistics 18(6), 163–183 (2004)
Boreale, M., Paolini, M.: On formally bounding information leakage by statistical estimation (2014) (Unpublished Manuscript)
Biondi, F., Legay, A., Traonouez, L.-M., Wąsowski, A.: QUAIL: A Quantitative Security Analyzer for Imperative Code. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 702–707. Springer, Heidelberg (2013)
Mu, C., Clark, D.: A tool: quantitative analyser for programs. In: Proc.of the 8th Conference on Quantitative Evaluation of Systems (QEST 2011), pp. 145–146 (2011)
McCamant, S., Ernst, M.D.: Quantitative Information Flow as Network Flow Capacity. In: Proc. of the Conference on Programming Language Design and Implementation (PLDI 2008), pp. 193–205 (2008)
Heusser, J., Malacaria, P.: Quantifying Information Leaks in Software. In: Proc. of the 2010 Annual Computer Security Applications Conference (ACSAC 2010), pp. 261–269. ACM Press, Austin (2010)
Phan, Q.S., Malacaria, P., Tkachuk, O., Păsăreanu, C.S.: Symbolic quantitative information flow. ACM SIGSOFT Software Engineering Notes 37(6), 1–5 (2012)
Chothia, T., Kawamoto, Y., Novakovic, C.: LeakWatch, http://www.cs.bham.ac.uk/research/projects/infotools/leakwatch/
Chatzikokolakis, K., Chothia, T., Guha, A.: Statistical Measurement of Information Leakage. In: Esparza, J., Majumdar, R. (eds.) TACAS 2010. LNCS, vol. 6015, pp. 390–404. Springer, Heidelberg (2010)
Denning, D.E.: Cryptography and Data Security. Addison-Wesley (May 1982)
Myers, A.C., Liskov, B.: Complete, Safe Information Flow with Decentralized Labels. In: Proc. of the 1998 IEEE Symposium on Security and Privacy, pp. 186–197. IEEE Computer Society, Oakland (1998)
Pearson, K.: X. on the criterion that a given system of deviations from the probable in the case of a correlated system of variables is such that it can be reasonably supposed to have arisen from random sampling. Philosophical Magazine Series 5 50(302), 157–175 (1900)
Diez, D.M., Barr, C.D., Cetinkaya-Rundel, M.: OpenIntro Statistics. CreateSpace (2012)
Chothia, T., Kawamoto, Y., Novakovic, C.: A Tool for Estimating Information Leakage. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 690–695. Springer, Heidelberg (2013)
Kawamoto, Y., Chatzikokolakis, K., Palamidessi, C.: Compositionality Results for Quantitative Information Flow. In: Proc. of the 11th International Conference on Quantitative Evaluation of Systems, QEST 2014 (to appear, September 2014)
OW2 Consortium: ASM, http://asm.ow2.org
Chaum, D.: The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability. Journal of Cryptology, 65–75 (1988)
Garcia, F.D., van Rossum, P., Verdult, R., Schreur, R.W.: Wirelessly pickpocketing a Mifare Classic card. In: IEEE Symposium on Security and Privacy (S&P 2009), pp. 3–15. IEEE (2009)
Verdult, R., Garcia, F.D., Balasch, J.: Gone in 360 seconds: Hijacking with Hitag2. In: 21st USENIX Security Symposium (USENIX Security 2012), pp. 237–252. USENIX Association (2012)
Callas, J., Donnerhacke, L., Finney, H., Shaw, D., Thayer, R.: OpenPGP Message Format, http://tools.ietf.org/html/rfc4880
Legion of the Bouncy Castle Inc.: The Legion of the Bouncy Castle Java Cryptography APIs, https://www.bouncycastle.org/java.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Chothia, T., Kawamoto, Y., Novakovic, C. (2014). LeakWatch: Estimating Information Leakage from Java Programs. In: Kutyłowski, M., Vaidya, J. (eds) Computer Security - ESORICS 2014. ESORICS 2014. Lecture Notes in Computer Science, vol 8713. Springer, Cham. https://doi.org/10.1007/978-3-319-11212-1_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-11212-1_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11211-4
Online ISBN: 978-3-319-11212-1
eBook Packages: Computer ScienceComputer Science (R0)