Combining Symbolic and Numerical Domains for Information Leakage Analysis

We introduce an abstract domain for information-flow analysis of software. The proposal combines variable dependency analysis with numerical abstractions, yielding improvements in both accuracy and efficiency. We apply the full power of the proposal to the case of database query languages as well. Finally, we present an implementation of the analysis, called Sails, as an instance of a generic static analyzer. Because the analysis is built modularly, the tool allows one to tune the granularity of heap analysis and to choose the numerical domain involved in the reduced product. This way the user can tune the information leakage analysis to different levels of precision and efficiency.
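As an added illustration, not code from the paper or from Sails, the following toy Python analyzer runs a reduced product of a variable-dependency domain and an interval domain over a constructed loop-free language. It shows two ways the numerical component can sharpen a dependency analysis: a branch whose condition the intervals decide carries no implicit flow, and a variable whose interval is a singleton at a top-level program point holds the same constant in every execution and so cannot leak. The mini language, the reduction rule, the `gt`-only conditions and the sample programs are all assumptions made here; the paper's actual domain definitions are not reproduced.

```python
"""Toy reduced product of a dependency domain and an interval domain for
information-flow analysis of a loop-free imperative language.
Constructed illustration; not the Sails implementation."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple

INF = float("inf")


@dataclass(frozen=True)
class Abs:
    """One variable: interval [lo, hi] (numerical part) and the set of
    secret inputs its value may depend on (symbolic part)."""
    lo: float
    hi: float
    deps: FrozenSet[str]


TOP = Abs(-INF, INF, frozenset())  # unknown value, no dependencies
State = Dict[str, Abs]


def reduce_state(st: State) -> State:
    """Reduction of the product: a singleton interval means the variable is
    the same constant in every execution, so it reveals nothing and its
    dependency set is emptied. Sound only for a state covering ALL
    executions reaching the point, hence applied outside any undecided
    branch (pc empty), never on a branch-local state."""
    return {x: Abs(a.lo, a.hi, frozenset()) if a.lo == a.hi else a
            for x, a in st.items()}


def join(a: Abs, b: Abs) -> Abs:
    return Abs(min(a.lo, b.lo), max(a.hi, b.hi), a.deps | b.deps)


def eval_expr(e, st: State) -> Abs:
    if e[0] == "const":
        return Abs(e[1], e[1], frozenset())
    if e[0] == "var":
        return st.get(e[1], TOP)
    if e[0] == "add":
        a, b = eval_expr(e[1], st), eval_expr(e[2], st)
        return Abs(a.lo + b.lo, a.hi + b.hi, a.deps | b.deps)
    raise ValueError(f"unknown expression {e[0]}")


def eval_cond(c, st: State) -> Tuple[Optional[bool], FrozenSet[str]]:
    """('gt', e1, e2): True/False when the intervals decide the outcome,
    None otherwise, plus the dependencies the outcome may carry."""
    if c[0] != "gt":
        raise ValueError(f"unknown condition {c[0]}")
    a, b = eval_expr(c[1], st), eval_expr(c[2], st)
    deps = a.deps | b.deps
    if a.lo > b.hi:
        return True, deps
    if a.hi <= b.lo:
        return False, deps
    return None, deps


def exec_stmts(stmts, st: State, pc: FrozenSet[str]) -> State:
    """pc: dependencies of enclosing undecided branch conditions (the
    source of implicit flows); empty at top level."""
    st = dict(st)
    for s in stmts:
        if s[0] == "assign":
            v = eval_expr(s[2], st)
            st[s[1]] = Abs(v.lo, v.hi, v.deps | pc)
        elif s[0] == "if":
            decided, cdeps = eval_cond(s[1], st)
            if decided is not None:
                # Every execution takes the same branch: no implicit flow
                # from the condition, and the dead branch is skipped.
                st = exec_stmts(s[2] if decided else s[3], st, pc)
            else:
                st_t = exec_stmts(s[2], st, pc | cdeps)
                st_f = exec_stmts(s[3], st, pc | cdeps)
                st = {x: join(st_t.get(x, TOP), st_f.get(x, TOP))
                      for x in set(st_t) | set(st_f)}
        else:
            raise ValueError(f"unknown statement {s[0]}")
        if not pc:
            st = reduce_state(st)
    return st


def analyze(program, secrets: Dict[str, Tuple[float, float]],
            public_outputs: List[str]) -> Dict[str, List[str]]:
    """Secrets start in the given ranges; returns, per public output, the
    sorted secrets it may depend on (empty list: no leak)."""
    init = {h: Abs(lo, hi, frozenset([h])) for h, (lo, hi) in secrets.items()}
    final = exec_stmts(program, init, frozenset())
    return {x: sorted(final.get(x, TOP).deps) for x in public_outputs}


# Constructed sample programs: ("assign", var, expr), ("if", cond, then, else).
H = ("var", "h")
# Dependencies alone flag x (assigned under a branch on h); intervals show
# x == 1 on both paths, so the product proves there is no leak.
P_SAME_CONST = [("if", ("gt", H, ("const", 50)),
                 [("assign", "x", ("const", 1))],
                 [("assign", "x", ("const", 1))])]
# y = h + 1 is always > 0: the branch is decided, so no implicit flow.
P_DECIDED = [("assign", "y", ("add", H, ("const", 1))),
             ("if", ("gt", ("var", "y"), ("const", 0)),
              [("assign", "z", ("const", 0))],
              [("assign", "z", ("const", 1))])]
# Genuine implicit flow: w reveals whether h > 50.
P_LEAK = [("if", ("gt", H, ("const", 50)),
           [("assign", "w", ("const", 1))],
           [("assign", "w", ("const", 0))])]
SECRETS = {"h": (0, 100)}

if __name__ == "__main__":
    for name, prog, outs in [("same_const", P_SAME_CONST, ["x"]),
                             ("decided", P_DECIDED, ["z"]),
                             ("leak", P_LEAK, ["w"])]:
        print(name, analyze(prog, SECRETS, outs))
```

Note that the reduction is deliberately applied only at top level: inside an undecided branch the interval covers only that branch's executions, so a singleton there does not mean the value is constant overall, and emptying the dependency set would miss the implicit flow. Loops are omitted because they would need widening on the interval component.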
