Quantification of Secrecy in Partially Observed Stochastic Discrete Event Systems

While cryptography is used to protect the content of information (e.g., a message) by making it undecipherable, behaviors (as opposed to information) may not be encrypted and may only be protected by partially or fully hiding through creation of ambiguity (by providing covers that generate indistinguishable observations from secrets). Having a cover together with partial observability does cause ambiguity about the system behaviors desired to be kept secret, yet some information about secrets may still be leaked due to statistical difference between the occurrence probabilities of the secrets and their covers. In this paper, we propose a Jensen–Shannon divergence (JSD)-based measure to quantify secrecy loss in systems modeled as partially observed stochastic discrete event systems, which quantifies the statistical difference between two distributions, one over the observations generated by secret and the other over those generated by cover. We further show that the proposed JSD measure for secrecy loss is equivalent to the mutual information between the distributions over possible observations and that over possible system status (secret versus cover). Since an adversary is likely to discriminate more if he/she observes for a longer period, our goal is to evaluate the worst case loss of secrecy as obtained in the limit over longer and longer observations. Computation for the proposed measure is also presented. Illustrative examples, including the one with side-channel attack, are provided to demonstrate the proposed computation approach.

[1]  Christoforos N. Hadjicostis,et al.  Verification of Infinite-Step Opacity and Analysis of its Complexity* , 2009 .

[2]  Christoforos N. Hadjicostis,et al.  Current-State Opacity Formulations in Probabilistic Finite Automata , 2014, IEEE Transactions on Automatic Control.

[3]  Christoforos N. Hadjicostis,et al.  Verification of Infinite-Step Opacity and Complexity Considerations , 2012, IEEE Transactions on Automatic Control.

[4]  Jun Chen,et al.  Stochastic Failure Prognosability of Discrete Event Systems , 2015, IEEE Transactions on Automatic Control.

[5]  Jun Chen,et al.  Fault Detection of Discrete-Time Stochastic Systems Subject to Temporal Logic Correctness Requirements , 2015, IEEE Transactions on Automation Science and Engineering.

[6]  Jun Chen,et al.  Secrecy in stochastic discrete event systems , 2014, Proceedings of the 11th IEEE International Conference on Networking, Sensing and Control.

[7]  Rajeev K. Azad,et al.  Generalization of Entropy Based Divergence Measures for Symbolic Sequence Analysis , 2014, PloS one.

[8]  Geoffrey Smith,et al.  Min-entropy as a resource , 2013, Inf. Comput..

[9]  Demosthenis Teneketzis,et al.  Diagnosability of stochastic discrete-event systems , 2005, IEEE Transactions on Automatic Control.

[10]  Jun Chen,et al.  Polynomial Test for Stochastic Diagnosability of Discrete-Event Systems , 2013, IEEE Transactions on Automation Science and Engineering.

[11]  Krishnendu Chatterjee,et al.  Probabilistic opacity for Markov decision processes , 2014, Inf. Process. Lett..

[12]  B. Nordstrom FINITE MARKOV CHAINS , 2005 .

[13]  Jie Wu,et al.  Survey on anonymous communications in computer networks , 2010, Comput. Commun..

[14]  Jean-Jacques Lesage,et al.  Opacity of Discrete Event Systems: models, validation and quantification , 2015 .

[15]  Maciej Koutny,et al.  Towards Quantitative Analysis of Opacity , 2012, TGC.

[16]  Christoforos N. Hadjicostis,et al.  Verification of $K$-Step Opacity and Analysis of Its Complexity , 2009, IEEE Transactions on Automation Science and Engineering.

[17]  Christoforos N. Hadjicostis,et al.  Verification of K-step opacity and analysis of its complexity , 2011, Proceedings of the 48h IEEE Conference on Decision and Control (CDC) held jointly with 2009 28th Chinese Control Conference.

[18]  Geoffrey Smith,et al.  On the Foundations of Quantitative Information Flow , 2009, FoSSaCS.

[19]  Deepa Kundur,et al.  Practical Internet Steganography : Data Hiding in IP , 2003 .

[20]  Ratnesh Kumar,et al.  A probabilistic language formalism for stochastic discrete-event systems , 1999, IEEE Trans. Autom. Control..

[21]  Christos G. Cassandras,et al.  Introduction to Discrete Event Systems , 1999, The Kluwer International Series on Discrete Event Dynamic Systems.

[22]  Brent Waters,et al.  Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[23]  Uby,et al.  Secure Cache Modeling for Measuring Side-channel Leakage , 2014 .

[24]  D. Thorsley,et al.  Diagnosability of stochastic discrete-event systems under unreliable observations , 2008, 2008 American Control Conference.

[25]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[26]  Peter A. Beerel,et al.  Efficient state classification of finite state Markov chains , 1998, DAC.

[27]  Shigemasa Takai,et al.  Verification and synthesis for secrecy in discrete-event systems , 2009, 2009 American Control Conference.

[28]  Jun Chen,et al.  Failure Detection Framework for Stochastic Discrete Event Systems With Guaranteed Error Bounds , 2015, IEEE Transactions on Automatic Control.

[29]  Michael Backes,et al.  Automatic Discovery and Quantification of Information Leaks , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[30]  Asok Ray,et al.  A language measure for performance evaluation of discrete-event supervisory control systems , 2004 .

[31]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..

[32]  Thomas Kaijser A Limit Theorem for Partially Observed Markov Chains , 1975 .