A Uniform Information-Flow Security Benchmark Suite for Source Code and Bytecode

Hamann, Tobias; Herda, Mihai; Mantel, Heiko; Mohr, Martin; Schneider, David C.; Tasch, Markus

doi:10.1007/978-3-030-03638-6_27

Cited by 8 publications

(3 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We define three different instances of this domain (deep, shal, dumb), each with a different set of relations (Section 3), and show that deep constitutes a secure heap abstraction (Section 4); -We symbolically specify the security semantics of our input language to capture explicit and implicit flows via the heap, and infer polymorphic informationflow guards via a co-reachability analysis (Section 5). We prove that our analysis under a secure heap abstraction guarantees termination-insensitive noninterference [3]; -We empirically study the respective impacts of our three heap domains, in terms of precision on IFSpec benchmarks [25], and in terms of scalability with 60 real-life ABM applications [26] (Section 7). Our experiments show that our approach offers the best precision, and the heap model precision has an inverse relationship with scalability.…”

Section: Summary Of Contributionsmentioning

confidence: 99%

See 1 more Smart Citation

Symbolic Abstract Heaps for Polymorphic Information-flow Guard Inference (Extended Version)

Berthier¹,

Khakpour²

2022

Preprint

View full text Add to dashboard Cite

In the realm of sound object-oriented program analyses for information-flow control, very few approaches adopt flow-sensitive abstractions of the heap that enable a precise modeling of implicit flows. To tackle this challenge, we advance a new symbolic abstraction approach for modeling the heap in Java-like programs. We use a store-less representation that is parameterized with a family of relations among references to offer various levels of precision based on user preferences. This enables us to automatically infer polymorphic information-flow guards for methods via a co-reachability analysis of a symbolic finite-state system. We instantiate the heap abstraction with three different families of relations. We prove the soundness of our approach and compare the precision and scalability obtained with each instantiated heap domain by using the IFSpec benchmarks and real-life applications.

show abstract

Section: Summary Of Contributionsmentioning

confidence: 99%

“…We have employed the IFSpec benchmark suite [25] to assess the precision of our different heap domains and compare our results to KeY [33], Cassandra [21], and Joana [17]. The precision refers to a proportion of test cases that are correctly classified.…”

Section: Precision and Recallmentioning

confidence: 99%

Symbolic Abstract Heaps for Polymorphic Information-flow Guard Inference (Extended Version)

Berthier¹,

Khakpour²

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…An evaluation [21] done on a collection of benchmarks [16] containing both secure and insecure programs shows that relational bounded feasible path-coverage is an appropriate coverage criterion for noninterference properties: for high coverage values, we either find no violations for the secure programs or find at least one violation for most insecure programs.…”

Section: Coverage Criteriamentioning

confidence: 99%

Integration of Static and Dynamic Analysis Techniques for Checking Noninterference

Beckert

Herda

Kirsten

et al. 2020

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

In this article, we present an overview of recent combinations of deductive program verification and automatic test generation on the one hand and static analysis on the other hand, with the goal of checking noninterference. Noninterference is the non-functional property that certain confidential information cannot leak to certain public output, i.e., the confidentiality of that information is always preserved. We define the noninterference properties that are checked along with the individual approaches that we use in different combinations. In one use case, our framework for checking noninterference employs deductive verification to automatically generate tests for noninterference violations with an improved test coverage. In another use case, the framework provides two combinations of deductive verification with static analysis based on system dependence graphs to prove noninterference, thereby reducing the effort for deductive verification.

show abstract

Symbolic Abstract Heaps for Polymorphic Information-Flow Guard Inference

Berthier

Khakpour

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

A Uniform Information-Flow Security Benchmark Suite for Source Code and Bytecode

Cited by 8 publications

References 27 publications

Symbolic Abstract Heaps for Polymorphic Information-flow Guard Inference (Extended Version)

Symbolic Abstract Heaps for Polymorphic Information-flow Guard Inference (Extended Version)

Integration of Static and Dynamic Analysis Techniques for Checking Noninterference

Symbolic Abstract Heaps for Polymorphic Information-Flow Guard Inference

Contact Info

Product

Resources

About