Title of invention: Quantitative analysis of information leakage vulnerabilities
Abstract: A method includes recording, during execution of a program and by a computing system, concrete values exhibited at source and sink statements in the program. The source statements read confidential information and the sink statements release the confidential information to an outside environment. The method includes determining, by the computing system, using at least the recorded concrete values and source-sink pairs whether information leakage meeting one or more quantitative criteria occurs by the program. Apparatus and program products are also disclosed.
Publication number: US9081968(B2) Publication date: 2015.07.14
Application number: US201314102613 Filing date: 2013.12.11
Applicant: International Business Machines Corporation Inventors: Pistoia Marco;Tripp Omer
Classification: H04L29/06;G06F21/57;G06F21/74;H04L29/08;G06F3/0481 Main classification: H04L29/06
Agency: Harrington & Smith Agent: Harrington & Smith
Independent claim: 1. A method, comprising: during execution of a program, recording by a computing system concrete values exhibited at source and sink statements in the program, wherein source statements read confidential information and sink statements release the confidential information to an outside environment; determining, by the computing system, using at least the recorded concrete values and source-sink pairs whether information leakage meeting one or more quantitative criteria occurs by the program, at least by the following: determining, in response to the source and sink in a source-sink pair having a same thread identification, information leakage by the sink statement in a source-sink pair by determining a quantitative measure of an amount of information released by the sink statement in the source-sink pair; and determining whether the quantitative measure meets the one or more quantitative criteria, wherein the quantitative measure of the amount of information release is a number of bits that are the same between a source value and a sink value for the source-sink pair, wherein the number of bits that are the same between the source value and the sink value for the source-sink pair is determined using a difference function comparing the source and sink values and signifying a distance between the source and sink values according to a metric.
Address: Armonk NY US