Conference ProceedingsOPEN ACCESS

LeakWatch: Estimating information leakage from java programs

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2014) 8713 LNCS(PART 2) 219-236
DOI: 10.1007/978-3-319-11212-1_13
40Citations
Citations of this article
31Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Programs that process secret data may inadvertently reveal information about those secrets in their publicly-observable output. This paper presents LeakWatch, a quantitative information leakage analysis tool for the Java programming language; it is based on a flexible "point-to-point" information leakage model, where secret and publicly-observable data may occur at any time during a program's execution. LeakWatch repeatedly executes a Java program containing both secret and publicly-observable data and uses robust statistical techniques to provide estimates, with confidence intervals, for min-entropy leakage (using a new theoretical result presented in this paper) and mutual information.We demonstrate how LeakWatch can be used to estimate the size of information leaks in a range of real-world Java programs. © 2014 Springer International Publishing Switzerland.

Author supplied keywords

Cite

CITATION STYLE

APA

Chothia, T., Kawamoto, Y., & Novakovic, C. (2014). LeakWatch: Estimating information leakage from java programs. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8713 LNCS, pp. 219–236). Springer Verlag. https://doi.org/10.1007/978-3-319-11212-1_13

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free