CS 292 Home Page

CS 292G - Quantitative Information Flow and Side Channels - Fall 2021

Instructor: Tevfik Bultan Office: Eng. I 2104 Office Hours: Thursday 1:00-3:00
Class Times: Tuesday/Thursday 11:00-12:50 Location: PHELP 2510
Units: 4
Course webpage: http://www.cs.ucsb.edu/~bultan/courses/292/

Course Topics

Many computer systems have access to sensitive information nowadays and, consequently, information leakage has become a significant security concern for users. Side-channel vulnerabilities that are based on information gained by observing nonfunctional properties of computer systems (such as execution time or memory usage) can enable attackers to infer the secret information that the system accesses.

In this course, we will discuss static and dynamic analysis techniques for detecting information leakage in computer systems. In most practical settings, complete elimination of information leakage, where all observable outputs are independent of secrets (called noninterference), is not achievable. An alternative approach, called quantitative information flow analysis, is to quantify the amount of information that leaks from a given computer system using information theoretic concepts such as entropy. Quantitative information flow analysis enables detection of harmful side-channel vulnerabilities while minimizing false alarms that are due to benign information leakage. In this course, we will discuss recent developments in detection of side-channel vulnerabilities and quantitative information flow analysis. The topics we will discuss include:

static and dynamic analysis techniques for side-channel detection,
probabilistic symbolic execution,
model counting constraint solvers,
hyperproperties in temporal logics, and
attack synthesis.

Course Work

There will be several homework assignments, a midterm exam, and a final exam. The papers related to the topics discussed in the class and/or lecture notes will be given as reading assignments.

Announcements

For all emails you send to the instructor related to this course, please use the following prefix in the subject line "CS292G"
The class on November 2nd, Tuesday is CANCELED.
UPDATE: The take home Midterm will be distributed at the end of the class on November 16th, and it will be collected at the beginning of the class on November 18th.
The take home Final will be during the Finals week (the week of December 6th).
I will have office hours on Friday (November 12th) between 12:00-1:00 and 3:00-4:00 in my office (HFH 2104).
November 16th lecture will be a review of the topics we discussed before the midterm.
Midterm covers lectures 1 to 12.
Final exam will be distributed on December 7th, Tuesday at 11:00AM and it will be due at noon on December 8th, Wednesday.
Final will cover Lectures 1 to 16. Lecture 17 is not included in the Final.

Homework Assignments

Homework 1, due Thursday, October 14, 11:00AM in class. If you are not able to attend class please send your homework via email.
Homework 2, due Tuesday, November 2, 4:00PM. You can drop the homework in my mailbox at HFH 2108. You can also send your homework via email.
Homework 3, due Monday, November 6, at noon. You can drop the homework in my mailbox at HFH 2108 or at my office HFH 2104. You can also send your homework via email.

Slides from Lectures and Reading Assignments

Lecture 1: Introduction
Lecture 2: Quantifying Information Leakage
- Geoffrey Smith. On the Foundations of Quantitative Information Flow. FOSSACS 2009: 288-302
- Geoffrey Smith. Quantifying Information Flow Using Min-Entropy. QEST 2011: 159-167
Lecture 3: Modeling Adaptive Attacks
- An information-theoretic model for adaptive side-channel attacks. Boris Köpf, David Basin.
- Automatically deriving information-theoretic bounds for adaptive side-channel attacks. Boris Köpf, David Basin.
Lecture 4: Alternative Measures for Information Leakage
Lecture 5: Symbolic Execution
- Roberto Baldoni, Emilio Coppa, Daniele Cono D'Elia, Camil Demetrescu, Irene Finocchi. A Survey of Symbolic Execution Techniques. ACM Comput. Surv. 51(3): 50:1-50:39 (2018)
- Corina S. Pasareanu, Willem Visser, David H. Bushnell, Jaco Geldenhuys, Peter C. Mehlitz, Neha Rungta. Symbolic PathFinder: integrating symbolic execution with model checking for Java bytecode analysis. Autom. Softw. Eng. 20(3): 391-425 (2013) Alternate link
- Z3: An Efficient SMT Solver. Leonardo Mendonça de Moura, Nikolaj Bjørner. TACAS 2008: 337-340
- "DART: Directed Automated Random Testing," Patrice Godefroid, Nils Klarlund, and Koushik Sen, In Proceedings of the ACM SIGPLAN 2005 Conference on Programming Language Design and Implementation (PLDI 2005).
- "CUTE: A Concolic Unit Testing Engine for C" Koushik Sen, Darko Marinov, Gul Agha. European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2005).
Lecture 6: Probabilistic Symbolic Execution
- Jaco Geldenhuys, Matthew B. Dwyer, Willem Visser. Probabilistic symbolic execution. ISSTA 2012: 166-176
- Willem Visser, Jaco Geldenhuys, Matthew B. Dwyer. Green: reducing, reusing and recycling constraints in program analysis. SIGSOFT FSE 2012: 58
- Antonio Filieri, Corina S. Pasareanu, Willem Visser. Reliability analysis in symbolic pathfinder. ICSE 2013: 622-631
- Antonio Filieri, Corina S. Pasareanu, Willem Visser, Jaco Geldenhuys. Statistical symbolic execution with informed sampling. SIGSOFT FSE 2014: 437-448
Lecture 7: DPLL and Model Counting for Boolean Constraints
- Elazar Birnbaum, Eliezer L. Lozinskii, The good old Davis-Putnam procedure helps counting models.
Lecture 8: Satisfiability Modula Theories (SMT)
- Robert Nieuwenhuis, Albert Oliveras, Cesare Tinelli. Solving SAT and SAT Modulo Theories: From an abstract Davis--Putnam--Logemann--Loveland procedure to DPLL(T). J. ACM 53(6): 937-977 (2006)
Lecture 9: Model Counting for Boolean Combination of Constraints
- Feifei Ma, Sheng Liu, Jian Zhang. Volume Computation for Boolean Combination of Linear Arithmetic Constraints. CADE 2009: 453-468
Lectures 10 and 11: Model Counting with BDDs, and Automata
- Randal E. Bryant Binary Decision Diagrams. Handbook of Model Checking 2018: 191-217
- Carla P. Gomes, Ashish Sabharwal, and Bart Selman. Model Counting. Handbook of Satisfiability 2008, Chapter 20.
- Abdulbaki Aydin, Lucas Bang, Tevfik Bultan. Automata-Based Model Counting for String Constraints. CAV (1) 2015: 255-272.
- Abdulbaki Aydin, William Eiers, Lucas Bang, Tegan Brennan, Miroslav Gavrilov, Tevfik Bultan, Fang Yu. Parameterized Model Counting for String and Numeric Constraints. ESEC/SIGSOFT FSE 2018: 400-410
Lecture 12: Symbolic Quantitative Information Flow and Adaptive Attack Synthesis
- Michael Backes, Boris Köpf, Andrey Rybalchenko. Automatic Discovery and Quantification of Information Leaks. IEEE Symposium on Security and Privacy 2009: 141-153
- Lucas Bang, Abdulbaki Aydin, Quoc-Sang Phan, Corina S. Pasareanu, Tevfik Bultan. String analysis for side channels with segmented oracles. SIGSOFT FSE 2016: 193-204
- Quoc-Sang Phan, Lucas Bang, Corina S. Pasareanu, Pasquale Malacaria, Tevfik Bultan. Synthesis of Adaptive Side-Channel Attacks. CSF 2017: 328-342
- Lucas Bang, Nicolás Rosner, Tevfik Bultan. Online Synthesis of Adaptive Side-Channel Attacks Based On Noisy Observations. EuroS&P 2018: 307-322
Lecture 13: Quantifying Information Leaks Using Bounded Model Checking
- Jonathan Heusser, Pasquale Malacaria. Quantifying information leaks in software. ACSAC 2010: 261-269
- Edmund M. Clarke, Daniel Kroening, Flavio Lerda: A Tool for Checking ANSI-C Programs. TACAS 2004: 168-176
Lectures 14-15 : Temporal Logics and Hyperproperties
- Michael R. Clarkson, Fred B. Schneider: Hyperproperties. CSF 2008: 51-65
- Michael R. Clarkson, Bernd Finkbeiner, Masoud Koleini, Kristopher K. Micinski, Markus N. Rabe, César Sánchez: Temporal Logics for Hyperproperties. POST 2014: 265-284
Lectures 16: Self-composition
- Tachio Terauchi, Alexander Aiken: Secure Information Flow as a Safety Problem. SAS 2005: 352-367
Lectures 17: Hoare Logic and k-safety
- Marcelo Sousa, Isil Dillig: Cartesian hoare logic for verifying k-safety properties. PLDI 2016: 57-69

Related Papers

Quantitative Information Flow Analysis
- Geoffrey Smith. On the Foundations of Quantitative Information Flow. FOSSACS 2009: 288-302
- Geoffrey Smith. Quantifying Information Flow Using Min-Entropy. QEST 2011: 159-167
- Pasquale Malacaria. Assessing security threats of looping constructs. POPL 2007: 225-235
- David Clark, Sebastian Hunt, Pasquale Malacaria. A static analysis for quantifying information flow in a simple imperative language. Journal of Computer Security 15(3): 321-371 (2007) Alternate link
- Michael Backes, Boris Köpf, Andrey Rybalchenko. Automatic Discovery and Quantification of Information Leaks. IEEE Symposium on Security and Privacy 2009: 141-153
- Jonathan Heusser, Pasquale Malacaria. Quantifying information leaks in software. ACSAC 2010: 261-269
- Quantitative Security Analysis for Programs with Low Input and Noisy Output. Tri Minh Ngo, Marieke Huisman.
- Quantitative information flow under generic leakage functions and adaptive adversaries M. Boreale, Francesca Pampaloni.
- Measuring Information Leakage Using Generalized Gain Functions Mario S. Alvim, Kostas Chatzikokolakis, Catuscia Palamidessi, Geoffrey Smith.
- Quoc-Sang Phan, Pasquale Malacaria, Oksana Tkachuk, Corina S. Pasareanu. Symbolic quantitative information flow. ACM SIGSOFT Software Engineering Notes 37(6): 1-5 (2012)
- Quoc-Sang Phan, Pasquale Malacaria, Corina S. Pasareanu, Marcelo d'Amorim. Quantifying information leaks using reliability analysis. SPIN 2014: 105-108
- Stephen McCamant, Michael D. Ernst. Quantitative information flow as network flow capacity. PLDI 2008: 193-205
- Stephen McCamant, Michael D. Ernst. Quantitative information flow tracking for C and related languages. MIT-CSAIL-TR-2006-076
- On the relation between Differential Privacy and Quantitative Information Flow. Mario S. Alvim, Miguel E. Andres.
- Ian Sweet, José Manuel Calderón Trilla, Chad Scherrer, Michael Hicks, Stephen Magill. What's the Over/Under? Probabilistic Bounds on Information Leakage. POST 2018: 3-27
- Piotr Mardziel, Mário S. Alvim, Michael W. Hicks, Michael R. Clarkson. Quantifying Information Flow for Dynamic Secrets. IEEE Symposium on Security and Privacy 2014: 540-555
- Giovanni Cherubin, Konstantinos Chatzikokolakis, Catuscia Palamidessi: F-BLEAU: Fast Black-box Leakage Estimation. CoRR abs/1902.01350 (2019)
Side-Channel Analysis
- Timing Analysis of Keystrokes and Timing Attacks on SSH. Dawn Xiaodong Song, David Wagner, Xuqing Tian.
- An information-theoretic model for adaptive side-channel attacks. Boris Köpf, David Basin.
- Automatically deriving information-theoretic bounds for adaptive side-channel attacks. Boris Köpf, David Basin.
- Shuo Chen, Rui Wang, XiaoFeng Wang, Kehuan Zhang. Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow. IEEE Symposium on Security and Privacy 2010: 191-206
- Goran Doychev, Dominik Feld, Boris Köpf, Laurent Mauborgne, Jan Reineke. CacheAudit: A Tool for the Static Analysis of Cache Side Channels. USENIX Security 2013: 431-446
- Multi-run Side-Channel Analysis Using Symbolic Execution and Max-SMT. Corina S. Pasareanu, Quoc-Sang Phan, Pasquale Malacaria.
- SMT-Based Verification of Software Countermeasures against Side-Channel Attacks. Hassan Eldib, Chao Wang, Patrick Schaumont.
- Lucas Bang, Abdulbaki Aydin, Quoc-Sang Phan, Corina S. Pasareanu, Tevfik Bultan. String analysis for side channels with segmented oracles. SIGSOFT FSE 2016: 193-204
- Pasquale Malacaria, M. H. R. Khouzani, Corina S. Pasareanu, Quoc-Sang Phan, Kasper Søe Luckow. Symbolic Side-Channel Analysis for Probabilistic Programs. CSF 2018: 313-327
- Tom Chothia, Yusuke Kawamoto, Chris Novakovic. LeakWatch: Estimating Information Leakage from Java Programs. ESORICS (2) 2014: 219-236
- Tom Chothia, Yusuke Kawamoto, Chris Novakovic. A Tool for Estimating Information Leakage. CAV 2013: 690-695
- Tom Chothia, Yusuke Kawamoto, Chris Novakovic, David Parker. Probabilistic Point-to-Point Information Leakage. CSF 2013: 193-205 2012
- Timos Antonopoulos, Paul Gazzillo, Michael Hicks, Eric Koskinen, Tachio Terauchi, and Shiyi Wei. Decomposition instead of self-composition for proving the absence of timing channels. In ACM SIGPLAN Notices, volume 52, pages 362–375. ACM, 2017.
- Jia Chen, Yu Feng, and Isil Dillig. Precise detection of side-channel vulnerabilities using quantitative cartesian hoare logic. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 875–890. ACM, 2017.
- Tegan Brennan, Seemanta Saha, Tevfik Bultan, and Corina S Pasareanu. Symbolic Path cost analysis for side-channel detection. In Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, pages 27–37. ACM, 2018.
- Shirin Nilizadeh, Yannic Noller, and Corina S Pasareanu. Diffuzz: Differential fuzzing for side-channel analysis. arXiv preprint arXiv:1811.07005, 2018
Attack Synthesis
- Quoc-Sang Phan, Lucas Bang, Corina S. Pasareanu, Pasquale Malacaria, Tevfik Bultan. Synthesis of Adaptive Side-Channel Attacks. CSF 2017: 328-342
- Lucas Bang, Nicolás Rosner, Tevfik Bultan. Online Synthesis of Adaptive Side-Channel Attacks Based On Noisy Observations. EuroS&P 2018: 307-322
- Seemanta Saha, Ismet Burak Kadron, William Eiers, Lucas Bang, Tevfik Bultan. Attack Synthesis for Strings using Meta-Heuristics. ACM SIGSOFT Software Engineering Notes 43(4): 56 (2018)
Symbolic Quantitative Analysis
- Jaco Geldenhuys, Matthew B. Dwyer, Willem Visser. Probabilistic symbolic execution. ISSTA 2012: 166-176
- Corina S. Pasareanu, Willem Visser, David H. Bushnell, Jaco Geldenhuys, Peter C. Mehlitz, Neha Rungta. Symbolic PathFinder: integrating symbolic execution with model checking for Java bytecode analysis. Autom. Softw. Eng. 20(3): 391-425 (2013) Alternate link
- Antonio Filieri, Corina S. Pasareanu, Willem Visser. Reliability analysis in symbolic pathfinder. ICSE 2013: 622-631
- Mateus Borges, Antonio Filieri, Marcelo d'Amorim, Corina S. Pasareanu, Willem Visser. Compositional solution space quantification for probabilistic software analysis. PLDI 2014: 15
Model counting
- A Model Counter For Constraints Over Unbounded Strings. Loi Luu, Shweta Shinde, Prateek Saxena.
- Abdulbaki Aydin, Lucas Bang, Tevfik Bultan. Automata-Based Model Counting for String Constraints. CAV (1) 2015: 255-272
- Abdulbaki Aydin, William Eiers, Lucas Bang, Tegan Brennan, Miroslav Gavrilov, Tevfik Bultan, Fang Yu. Parameterized model counting for string and numeric constraints. ESEC/SIGSOFT FSE 2018: 400-410
- The good old Davis-Putnam procedure helps counting models. Elazar Birnbaum, Eliezer L. Lozinskii.
- Satisfiability modulo counting: a new approach for analyzing privacy properties. Matthew Fredrikson, Somesh Jha.
- Symbolic Polytopes for Quantitative Interpolation and Verification. Klaus v. Gleissenthall1, Boris Kopf, and Andrey Rybalchenko.
- An Automata-Theoretic Algorithm for Counting Solutions to Presburger Formulas. Erin Parker, Siddhartha Chatterjee.
- Abstract model counting: a novel approach for quantification of information leaks. Quoc-Sang Phan, Pasquale Malacaria.
- A Polynomial Time Algorithm for Counting Integral Points in Polyhedra When the Dimension Is Fixed. Alexander I. Barvinok.
- Effective lattice point counting in rational convex polytopes. Jesús A. De Loerab, Raymond Hemmeckeb, Jeremiah Tauzera, Ruriko Yoshidab.
- Distribution-Aware Sampling and Weighted Model Counting for SAT. Supratik Chakraborty, Daniel J. Fremont, Kuldeep S. Meel, Sanjit A. Seshia, Moshe Y. Vardi.
- From Weighted to Unweighted Model Counting. Supratik Chakraborty, Dror Fried, Kuldeep S. Meel, Moshe Y. Vardi.
- Algorithmic Improvements in Approximate Counting for Probabilistic Inference: From Linear to Logarithmic SAT Calls Supratik Chakraborty, Kuldeep S. Meel, Moshe Y. Vardi.
- Approximate Probabilistic Inference via Word-Level Counting. Supratik Chakraborty, Kuldeep S. Meel, Rakesh Mistry, Moshe Y. Vardi.
- Mateus Borges, Quoc-Sang Phan, Antonio Filieri, Corina S. Pasareanu. Model-Counting Approaches for Nonlinear Numerical Constraints. NFM 2017: 131-138
- Antonio Filieri, Marcelo F. Frias, Corina S. Pasareanu, Willem Visser. Model Counting for Complex Data Structures. SPIN 2015: 222-241
- Minh-Thai Trinh, Duc-Hiep Chu, Joxan Jaffar. Model Counting for Recursively-Defined Strings. CAV (2) 2017: 399-418
- Dmitry Chistikov, Rayna Dimitrova, Rupak Majumdar: Approximate Counting in SMT and Value Estimation for Probabilistic Programs. TACAS 2015: 320-334
- Carla P. Gomes, Ashish Sabharwal, and Bart Selman. Model Counting
- Seonmo Kim, Stephen McCamant: Bit-Vector Model Counting Using Statistical Estimation. TACAS (1) 2018: 133-151
Hyperproperties
- Michael R. Clarkson, Fred B. Schneider: Hyperproperties. Journal of Computer Security 18(6): 1157-1210 (2010)
- Michael R. Clarkson, Bernd Finkbeiner, Masoud Koleini, Kristopher K. Micinski, Markus N. Rabe, César Sánchez: Temporal Logics for Hyperproperties. POST 2014: 265-284
- Bernd Finkbeiner, Christopher Hahn, Hazem Torfah: Model Checking Quantitative Hyperproperties. CAV (1) 2018: 144-163
- Marcelo Sousa, Isil Dillig: Cartesian hoare logic for verifying k-safety properties. PLDI 2016: 57-69
- Shreya Agrawal, Borzoo Bonakdarpour: Runtime Verification of k-Safety Hyperproperties in HyperLTL. CSF 2016: 239-252