What’s the over/under? probabilistic bounds on information leakage

Citations of this article
Mendeley users who have this article in their library.

This artice is free to access.


Quantitative information flow (QIF) is concerned with measuring how much of a secret is leaked to an adversary who observes the result of a computation that uses it. Prior work has shown that QIF techniques based on abstract interpretation with probabilistic polyhedra can be used to analyze the worst-case leakage of a query, on-line, to determine whether that query can be safely answered. While this approach can provide precise estimates, it does not scale well. This paper shows how to solve the scalability problem by augmenting the baseline technique with sampling and symbolic execution. We prove that our approach never underestimates a query’s leakage (it is sound), and detailed experimental results show that we can match the precision of the baseline technique but with orders of magnitude better performance.




Sweet, I., Trilla, J. M. C., Scherrer, C., Hicks, M., & Magill, S. (2018). What’s the over/under? probabilistic bounds on information leakage. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10804 LNCS, pp. 3–27). Springer Verlag. https://doi.org/10.1007/978-3-319-89722-6_1

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free