Computing Information Flow Using Symbolic Model-Checking
10 April 2018
Introduction
Literature review
Background
Leakage in non-probabilistic programs
Demo
Experimental results
Conclusion and future work
Introduction
Information leakage:
- Information about the secret inputs that can be learned from publicly observable outputs
- Outputs independent of inputs $\implies$ no leakage
- Unique input corresponding to a given output $\implies$ full leakage
The quantitative information flow bounding problem and the quantitative information flow comparison problem for Boolean programs are PSPACE-complete.
Literature review
- [M. Backes et al.] - S&P 2009. DisQuant: Automatic discovery and quantification of information leaks
- [Heusser et al.] - ACSAC 2010. selfcomp: Quantifying Information Leaks in Software
- [Quoc-Sang Phan et al.] - ACM SIGSOFT 2012. jpf-qif: Symbolic Quantitative Information Flow
- [Quoc-Sang Phan et al.] - ASIACCS 2014. sqifc: Abstract model counting: a novel approach for quantification of information leaks
- [Rohit Chadha et al.] - FSTTCS 2014. Moped-QLeak: Computing Information Flow Using Symbolic Model-Checking
Symbolic Model-Checking
Model checking:
- Exhaustive search of the state space of the system.
- Disadvantage: state explosion problem
Symbolic model checking:
- Uses a Boolean encoding for the state machine and for sets of states.
- BDDs are used to represent Boolean functions.

Boolean programs
- Global variables G: input and output
- Local variables: internal calculations
- Program statements: transform global and local variables
- For a program P, $F_P : 2^G \longmapsto 2^G \cup \{\bot\}$
- $F_P(\bar{g}_0) = \bot$: P does not terminate on $\bar{g}_0$
Binary decision diagrams (BDDs)
- Set of variables $V = \{x, y, z\}$ with the order $x < y < z$
- $f(x, y, z) = x \to (y \leftrightarrow z)$
- BDDs are data structures for storing elements: $2^G \to \{0, 1\}$
Unreduced decision diagram (left) and corresponding BDD (right)
Algebraic Decision Diagrams (ADDs)
- Set of variables V
- ADD: $2^G \to M$ ($M = \mathbb{R}$)
- BDDs + real values on the terminal nodes
- BDDs as 0/1-ADDs
ADD (right) and its reduced form (left)
Fixed-point
Consider the complete lattice $(2^G, \subseteq)$
Consider a function $f : 2^S \longmapsto 2^S$
$X \in 2^S$ is a fixed point of $f$ $\iff f(X) = X$
$X$ is the least fixed point of $f$ if for every fixed point $Y$, $X \subseteq Y$
Theorem (Tarski-Knaster)
Consider a function $f : 2^S \longmapsto 2^S$ that is monotonic:
if $X \subseteq Y$ then $f(X) \subseteq f(Y)$
Consider the sequence:
$X_0 = \emptyset$
$X_1 = f(X_0)$
$X_2 = f(X_1)$, ...
This eventually converges to the least fixed point.
Information leakage in programs
1. Min-entropy leakage measures vulnerability of the secret inputs to being guessed correctly in a single attempt of the adversary
$ME_U(P) = \log \sum_{o \in O} \max_{s \in S} \mu(S = s \mid O = o)$
2. Shannon entropy leakage measures expected number of guesses required to correctly guess the secret input
$SE_U(P) = \log|S| - \frac{1}{|S|} \sum_{o \in O} |P^{-1}(o)| \log(|P^{-1}(o)|)$
Definition (Summary of a Program)
Let P be a program with $G = \{x_1, ..., x_n\}$ as the set of global variables. Let $G' = \{x'_1, ..., x'_n\}$ and $G \cap G' = \emptyset$.
The summary of P, denoted $T_P$, is a function
$T_P : 2^{(G \cup G')} \to \{0, 1\}$
such that for every $z_1, ..., z_n, z'_1, ..., z'_n \in \{true, false\}$, we have
$T_P(z_1, ..., z_n, z'_1, ..., z'_n) = 1 \iff P(z_1, ..., z_n) = (z'_1, ..., z'_n)$.
Example: Boolean program $P_{ex}$ with global variables: s1, s2, o1 and o2.
o1 = false ; o2 = false ;
while s1 ;
o1 = false ; o2 = s2 ;
s1 = false ; s2 = false ;
Assuming the order $s_1 < s'_1 < s_2 < s'_2 < o_1 < o'_1 < o_2 < o'_2$:
$P_{ex}$ is shown as a 0/1-ADD:
Leakage measured using min-entropy
Let $post(2^G) = \{\bar{g}' \in 2^G \mid \exists \bar{g} \in 2^G . P(\bar{g}) = \bar{g}'\}$.
If P terminates on all inputs then the min-entropy leakage is $\log(|post(2^G)|)$;
otherwise it is $\log(|post(2^G)| + 1)$.
Lemma
Let $T_{out,P} = orAbstract(G, T_P)$ and $T_{term,P} = orAbstract(G', T_P)$.
1. $|post(2^G)| = val(abstract(+, G', T_{out,P}))$.
2. P terminates on every input iff $isConst(T_{term,P})$ and $val(T_{term,P}) = 1$.
Leakage measured using min-entropy
The ADD representing $T_{out,P}$: the set of all possible outputs of P.
Algorithm: Symbolic computation of min-entropy leakage
Leakage measured using Shannon entropy
Two possible outputs $\implies$ we need to compute:
$\sum_{\bar{g}' \in 2^{G'}} |P^{-1}(\bar{g}')| \log|P^{-1}(\bar{g}')| + |P^{-1}(\bot)| \log|P^{-1}(\bot)|$
The ADD $T_{eq-size,P}$: The ADD $T_{non-term,P}$:
Algorithm: Symbolic computation of Shannon-entropy leakage
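An added example (not from the slides and not Moped-QLeak code): the summary of Pex, the lemma's T_out,P and T_term,P, and both leakage formulas, computed by explicit enumeration over sets instead of BDDs/ADDs. It assumes that `while s1 ;` is a loop with an empty body, that every global is a secret input under the uniform distribution, and base-2 logarithms; `step_pex`, `step_const`, `run` and `analyse` are hypothetical names.

```python
from collections import Counter
from itertools import product
from math import log2

GLOBALS = ("s1", "s2", "o1", "o2")   # global variables G of Pex
BOTTOM = None                         # stands for ⊥ (non-termination)


def step_pex(pc, g):
    """One transition of Pex; returning None means the program has halted."""
    s1, s2, o1, o2 = g
    if pc == 0:
        return 1, (s1, s2, False, False)    # o1 = false ; o2 = false ;
    if pc == 1:
        return (1, g) if s1 else (2, g)     # while s1 ;  (assumed: empty body)
    if pc == 2:
        return 3, (s1, s2, False, s2)       # o1 = false ; o2 = s2 ;
    if pc == 3:
        return 4, (False, False, o1, o2)    # s1 = false ; s2 = false ;
    return None


def step_const(pc, g):
    """Constructed contrast program: overwrite every global, then halt."""
    return (1, (False,) * len(GLOBALS)) if pc == 0 else None


def run(step, g):
    """F_P(g): the final valuation, or BOTTOM when a (pc, valuation) state repeats."""
    pc, seen = 0, set()
    while True:
        if (pc, g) in seen:      # deterministic and finite-state: a repeat is a loop
            return BOTTOM
        seen.add((pc, g))
        nxt = step(pc, g)
        if nxt is None:
            return g
        pc, g = nxt


def analyse(step):
    """Min-entropy and Shannon leakage of a Boolean program over GLOBALS."""
    inputs = list(product((False, True), repeat=len(GLOBALS)))    # 2^G
    results = {g: run(step, g) for g in inputs}

    # Summary T_P as the set of pairs (g, g') with P(g) = g'.
    t_p = {(g, gp) for g, gp in results.items() if gp is not BOTTOM}
    t_out = {gp for _, gp in t_p}     # orAbstract(G, T_P): reachable outputs
    t_term = {g for g, _ in t_p}      # orAbstract(G', T_P): terminating inputs

    terminates = len(t_term) == len(inputs)    # T_term,P is the constant 1
    post = len(t_out)                          # |post(2^G)|
    min_entropy = log2(post if terminates else post + 1)

    # |P^-1(o)| for every output o, with ⊥ counted as one more observation.
    sizes = Counter(gp for _, gp in t_p)
    diverging = len(inputs) - len(t_term)
    if diverging:
        sizes[BOTTOM] = diverging
    n = len(inputs)                            # |S|
    shannon = log2(n) - sum(k * log2(k) for k in sizes.values()) / n

    return {
        "post": post,
        "terminates": terminates,
        "min_entropy": min_entropy,
        "shannon": shannon,
        "preimage_sizes": dict(sizes),
    }


if __name__ == "__main__":
    for name, prog in (("Pex", step_pex), ("const", step_const)):
        print(name, analyse(prog))
```

For Pex the non-terminating inputs are themselves an observation, which is why the min-entropy result uses $|post(2^G)| + 1$; the constant program shows the "outputs independent of inputs" case with zero leakage under both measures.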
Example : Sum Query
Input language : Remopla
Instructions for running
Examples used for evaluation
Conclusion and future work
- Symbolic algorithms for measuring information leakage
- Integrable in any BDD-based reachability analysis tool
- Summary calculation is the overhead: BDD size (algebraic operations) and variable orderings
- Future work:
  - ProPed: support recursive programs
  - Other symbolic verification approaches: CEGAR (Counterexample Guided Abstraction Refinement)
References
R. Chadha, U. Mathur, S. Schwoon. Computing Information Flow Using Symbolic Model Checking. Foundations of Software Technology and Theoretical Computer Science (FSTTCS), 2014.
Moped QLeak: https://sites.google.com/site/mopedqleak
Presented by: LOTFI LARBAOUI
