combining graph based information flow analysis
play

Combining Graph-Based Information-Flow Analysis with KeY for Proving - PowerPoint PPT Presentation

Jul 19, 2023 •98 likes •409 views

Combining Graph-Based Information-Flow Analysis with KeY for Proving Non-Interference KeY Symposium | 27.07.2016 INSTITUTE FOR APPLICATION-ORIENTED FORMAL VERIFICATION , FACULTY OF INFORMATICS KIT University of the State of Baden-Wuerttemberg

  1. Combining Graph-Based Information-Flow Analysis with KeY for Proving Non-Interference KeY Symposium | 27.07.2016 INSTITUTE FOR APPLICATION-ORIENTED FORMAL VERIFICATION , FACULTY OF INFORMATICS KIT – University of the State of Baden-Wuerttemberg and www.kit.edu National Research Center of the Helmholtz Association

  2. Agenda Motivation Objective Preliminary Combined Approach Demonstration Conclusion and future work Marko Kleine Büning – Deduktive Informationsfluss-Analyse 2 16-07-27 Institute for Application-oriented Formal Verification, anhand eines E- Voting Systems Faculty of Informatics

  3. Motivation Current hybrid approach needs high degree of user interaction Program code has to be manually modified Proving of functional properties But KeY is capable of creating information flow proofs There should be a way to use KeY’s information flow capabilities in a hybrid approach. Motivation Objective Preliminary Combined Approach Demonstration Conclusion 3 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  4. Objective Development and implementation of an approach, that can prove non- interference for complex systems ! ? Objective Status Quo ● Two types of tools for ● Combined approach for information flow control information flow proofs ● Joana runs automatic but ● The approach should be creates false positives automatic and precise ● KeY proofs are precise but ● KeY is called for as few as interactive and time-costly possible methods Objective: Creation of an approach that creates automatic and precise information flow proofs. Motivation Objective Preliminary Combined Approach Demonstration Conclusion 4 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  5. Preliminary – Information Flow Observation of an information flow No flow from secret input to public output Guarantees End-to-End Security Source: KlUl15 Motivation Objective Preliminary Combined Approach Demonstration Conclusion 5 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  6. Preliminary – Non-Interference Non-Interference • A variation of the secret input must not lead to a variation of the public output. Source: SchSch12 Example: Secure, the results of 𝑚 only depends on 𝑚 Motivation Objective Preliminary Combined Approach Demonstration Conclusion 6 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  7. Preliminary – Non-Interference Non-Interference • A variation of the secret input must not lead to a variation of the public output. Source: SchSch12 Example: Not secure, because the result of 𝑚 depends on ℎ Motivation Objective Preliminary Combined Approach Demonstration Conclusion 7 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  8. Preliminary – Joana Source: Joa16 Motivation Objective Preliminary Combined Approach Demonstration Conclusion 8 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  9. Preliminary – Joana Program Dependency Graph: Source: Griff12 Motivation Objective Preliminary Combined Approach Demonstration Conclusion 9 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  10. Preliminary – Joana Extension of PDG‘s are System Dependency Graphs (SDGs) Source: Griff12 Motivation Objective Preliminary Combined Approach Demonstration Conclusion 10 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  11. Preliminary – Joana Summary Edges • Additional edge between actual-in and actual-out nodes • Represent transitive flow from a parameter to a return value Motivation Objective Preliminary Combined Approach Demonstration Conclusion 11 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  12. Preliminary – Joana Motivation Objective Preliminary Combined Approach Demonstration Conclusion 12 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  13. Preliminary – Joana Motivation Objective Preliminary Combined Approach Demonstration Conclusion 13 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  14. Preliminary – Joana Motivation Objective Preliminary Combined Approach Demonstration Conclusion 14 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  15. Combined Approach Joana SDG Motivation Objective Preliminary Combined Approach Demonstration Conclusion 15 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  16. Combined Approach low high Joana SDG All path from low to high low Validate summary edges high Motivation Objective Preliminary Combined Approach Demonstration Conclusion 16 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  17. Combined Approach low high Joana SDG All path from low to high low Information Flow leak Validate summary edges high Motivation Objective Preliminary Combined Approach Demonstration Conclusion 17 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  18. Combined Approach low high Joana SDG All path from low to high low Non-Interference guarantee Validate summary edges high Motivation Objective Preliminary Combined Approach Demonstration Conclusion 18 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  19. Combined Approach - Distinction of cases Main Act-In Param 1 secure Act-Out Return 1 Act-In Param 2 mulZero Act-Out The path is interrupted if we can prove non- Return 2 interference for one of the methods Return Motivation Objective Preliminary Combined Approach Demonstration Conclusion 19 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  20. Combined Approach - Distinction of cases Main Act-In Param 1 minus Act-Out Return 1 Act-In Param 2 plus Act-Out It can be that the two methods together have to Return 2 be proven Return Motivation Objective Preliminary Combined Approach Demonstration Conclusion 20 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  21. Combined Approach - Distinction of cases Main Act-In Act-In Param 2 Param 1 Act-Out Act-Out Two methods are called independently Return 2 Return 1 and are both relevant to the result Non-Interference has to be proven for Return both methods Motivation Objective Preliminary Combined Approach Demonstration Conclusion 21 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

  22. Combined Approach - Distinction of cases Main Act-In Act-In Param 1 Param 1 Act-Out Act-Out Return 1 Return 1 We always try to delete summary edges Return bottom up Motivation Objective Preliminary Combined Approach Demonstration Conclusion 22 16-07-27 Marko Kleine Büning - Combining Graph-Based Information-Flow Analysis with Institute for Application-oriented Formal Verification, KeY for Proving Non-Interference Faculty of Informatics

Recommend

Dataflow analysis Theory and Applications cs6463 1 Control-flow graph Graphical

Dataflow analysis Theory and Applications cs6463 1 Control-flow graph Graphical

Dataflow analysis Theory and Applications cs6463 1 Control-flow graph Graphical representation of runtime control-flow paths Nodes of graph: basic blocks (straight-line computations) Edges of graph: flows of control Useful for

679 views • 39 slides
Time and Probability based Introduction Information Flow Analysis The Model of PTA

Time and Probability based Introduction Information Flow Analysis The Model of PTA

Time and Probability based Information Flow Analysis A. Troina Time and Probability based Introduction Information Flow Analysis The Model of PTA Non-interference Non-deterministic Systems Timed Systems Angelo Troina Probabilistic

709 views • 23 slides
Combining Instrumentation and Sampling for Trace-based Application Performance Analysis 8th

Combining Instrumentation and Sampling for Trace-based Application Performance Analysis 8th

Center for Information Services and High Performance Computing (ZIH) Combining Instrumentation and Sampling for Trace-based Application Performance Analysis 8th International Parallel Tools Workshop Stuttgart, Germany, October 2, 2014 Thomas

812 views • 35 slides
CS293S Iterative Data-Flow Analysis Yufei Ding Review: Computing Available Expressions The Big

CS293S Iterative Data-Flow Analysis Yufei Ding Review: Computing Available Expressions The Big

CS293S Iterative Data-Flow Analysis Yufei Ding Review: Computing Available Expressions The Big Picture 1. Build a control-flow graph 2. Gather the initial data: DEE XPR (b) & E XPR K ILL (b) 3. Propagate information around the graph,

477 views • 37 slides
Data-flow analysis Introduction to data-flow analysis Michel Schinz based on material by

Data-flow analysis Introduction to data-flow analysis Michel Schinz based on material by

Data-flow analysis Introduction to data-flow analysis Michel Schinz based on material by Erik Stenman and Michael Schwartzbach Data-flow analysis Example: liveness Data-flow analysis is a global analysis framework that can be used to

635 views • 11 slides
Combining information from different sources: A resampling based approach S.N. Lahiri Department

Combining information from different sources: A resampling based approach S.N. Lahiri Department

Combining information from different sources: A resampling based approach S.N. Lahiri Department of Statistics North Carolina State University May 17, 2013 Overview Background Examples/Potential applications Theoretical Framework Combining

338 views • 33 slides
Parallel Flow-Sensitive Pointer Analysis by Graph-Rewriting Vaivaswatha Nagaraj R. Govindarajan

Parallel Flow-Sensitive Pointer Analysis by Graph-Rewriting Vaivaswatha Nagaraj R. Govindarajan

Parallel Flow-Sensitive Pointer Analysis by Graph-Rewriting Vaivaswatha Nagaraj R. Govindarajan Indian Institute of Science, Bangalore PACT 2013 PACT'13 2 Outline Introduction Background Flow-sensitive graph-rewriting formulation

1.06k views • 74 slides
Towards a Flow- and Path-Sensitive Information Flow Analysis Peixuan Li, Danfeng Zhang

Towards a Flow- and Path-Sensitive Information Flow Analysis Peixuan Li, Danfeng Zhang

Towards a Flow- and Path-Sensitive Information Flow Analysis Peixuan Li, Danfeng Zhang Pennsylvania State University University Park, PA, USA {pzl129,zhang}@cse.psu.edu Background: Information Flow Analysis o Security enforcement to prevent

379 views • 24 slides
1 Liveness by Example (cont) Control Flow Graphs (CFGs) Live range of a Definition a is live

1 Liveness by Example (cont) Control Flow Graphs (CFGs) Live range of a Definition a is live

Introduction to Data-flow analysis Data-flow Analysis Last Time Idea Undergraduate compilers review Data-flow analysis derives information about the dynamic behavior of a program by only examining the static code Assem.Instr data

903 views • 4 slides
1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

Control-Flow Analysis and Loop Detection Context Last time Data-flow Speeding up data-flow analysis Flow of data values from defs to uses Could alternatively be represented as a data dependence Today Control-flow analysis

516 views • 5 slides
Language-Based Information-Flow Security Presenter: Yiming Zhang Goal of this paper? This is a

Language-Based Information-Flow Security Presenter: Yiming Zhang Goal of this paper? This is a

Language-Based Information-Flow Security Presenter: Yiming Zhang Goal of this paper? This is a survey paper that studies the research on information-flow security, especially on work that uses static program analysis. Why language-based

585 views • 24 slides
Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of

Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of

Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of Graph Cluster Analysis Algorithms for Graph Clustering k-Spanning Tree Shared Nearest Neighbor Betweenness Centrality Based Highly

836 views • 48 slides
Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful

Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful

Flow Analysis Data-flow analysis, Control-flow analysis, Abstract interpretation, AAM Helpful Reading: Sections 1.1-1.5, 2.1 Data-flow analysis (DFA) A framework for statically proving facts about program data. Focuses on simple, finite

1.04k views • 54 slides
Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing

Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing

Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing devroom @ FOSDEM 2018 JAVASCRIPT Latest standard: ECMAScript 2017 STATIC ANALYSIS Static source code analysis is a software testing approach

1.09k views • 40 slides
Combining Probabilistic and Translation- Based Models for Information Retrieval based on Word

Combining Probabilistic and Translation- Based Models for Information Retrieval based on Word

Combining Probabilistic and Translation- Based Models for Information Retrieval based on Word Sense Annotations Elisabeth Wolf, Delphine Bernhard, Iryna Gurevych Ubiquitous Knowledge Processing (UKP) Lab Prof. Dr. Iryna Gurevych Fachbereich

711 views • 38 slides
Foundations of pred(n) = set of all immediate predecessors of n p ( ) p Dataflow Analysis

Foundations of pred(n) = set of all immediate predecessors of n p ( ) p Dataflow Analysis

Terminology: Program Representation e o ogy: og a ep ese tat o Control Flow Graph: Control Flow Graph: Nodes N statements of program Edges E flow of control Foundations of pred(n) = set of all immediate predecessors of

591 views • 17 slides
Interprocedural Analysis and Abstract Interpretation cs6463 1 Outline Interprocedural

Interprocedural Analysis and Abstract Interpretation cs6463 1 Outline Interprocedural

Interprocedural Analysis and Abstract Interpretation cs6463 1 Outline Interprocedural analysis control-flow graph MVP: Meet over Valid Paths Making context explicit Context based on call-strings Context based on

528 views • 34 slides
Course outline 1. Language-Based Security: motivation 2. Language-Based Information-Flow Security:

Course outline 1. Language-Based Security: motivation 2. Language-Based Information-Flow Security:

Course outline 1. Language-Based Security: motivation 2. Language-Based Information-Flow Security: the big picture 3. Dimensions and principles of declassification 4. Dynamic vs. static security enforcement 5. Tracking information flow in web

641 views • 30 slides
Information Flow and Graph Structure in On-Line Social Networks Jon Kleinberg Cornell University

Information Flow and Graph Structure in On-Line Social Networks Jon Kleinberg Cornell University

Information Flow and Graph Structure in On-Line Social Networks Jon Kleinberg Cornell University Including joint work with Lada Adamic, Ashton Anderson, Lars Backstrom, Flavio Chierichetti, Justin Cheng, Cristian Danescu-Niculescu-Mizil,

613 views • 49 slides
Data-flow Analysis Idea Data-flow analysis derives information about the dynamic behavior of a

Data-flow Analysis Idea Data-flow analysis derives information about the dynamic behavior of a

Data-flow Analysis Idea Data-flow analysis derives information about the dynamic behavior of a program by only examining the static code Example How many registers do we need a := 0 1 for the program on the right? L1: b := a + 1 2

408 views • 12 slides
CO444H SSA SSA Construction SSA-based analysis Ben Livshits 1 Refresher: Reaching Definitions

CO444H SSA SSA Construction SSA-based analysis Ben Livshits 1 Refresher: Reaching Definitions

Dataflow Solutions CO444H SSA SSA Construction SSA-based analysis Ben Livshits 1 Refresher: Reaching Definitions Direction D = forward. Domain V = set of all sets of definitions in the flow graph. = union. Functions F =

659 views • 54 slides
Graph Analysis Techniques for Network Flow Records Using Open Cyber Ontology Group (OCOG) Format

Graph Analysis Techniques for Network Flow Records Using Open Cyber Ontology Group (OCOG) Format

Archive # Graph Analysis Techniques for Network Flow Records Using Open Cyber Ontology Group (OCOG) Format Robert W. Techentin David R. Holmes, III James C. Nelms Barry K. Gilbert Presented to FloCon 2016, Daytona Beach, FL January 12, 2016

503 views • 32 slides
Introduction I Can use a directed graph as a flow network to model: Computer Science &

Introduction I Can use a directed graph as a flow network to model: Computer Science &

Introduction I Can use a directed graph as a flow network to model: Computer Science & Engineering 423/823 I Data through communication networks, water/oil/gas through pipes, Design and Analysis of Algorithms assembly lines, etc. Lecture 11

304 views • 6 slides
Lecture 17: Information Flow Basics and background Entropy Nonlattice flow policies

Lecture 17: Information Flow Basics and background Entropy Nonlattice flow policies

Lecture 17: Information Flow Basics and background Entropy Nonlattice flow policies Compiler-based mechanisms Execution-based mechanisms Examples Security Pipeline Interface Secure Network Server Mail Guard February

625 views • 44 slides

More recommend