7,538 research outputs found
Relational Symbolic Execution
Symbolic execution is a classical program analysis technique used to show
that programs satisfy or violate given specifications. In this work we
generalize symbolic execution to support program analysis for relational
specifications in the form of relational properties - these are properties
about two runs of two programs on related inputs, or about two executions of a
single program on related inputs. Relational properties are useful to formalize
notions in security and privacy, and to reason about program optimizations. We
design a relational symbolic execution engine, named RelSym which supports
interactive refutation, as well as proving of relational properties for
programs written in a language with arrays and for-like loops
Distributed Transition Systems with Tags for Privacy Analysis
We present a logical framework that formally models how a given private
information P stored on a given database D, can get captured progressively, by
an agent/adversary querying the database repeatedly.Named DLTTS (Distributed
Labeled Tagged Transition System), the frame-work borrows ideas from several
domains: Probabilistic Automata of Segala, Probabilistic Concurrent Systems,
and Probabilistic labelled transition systems. To every node on a DLTTS is
attached a tag that represents the 'current' knowledge of the adversary,
acquired from the responses of the answering mechanism of the DBMS to his/her
queries, at the nodes traversed earlier, along any given run; this knowledge is
completed at the same node, with further relational deductions, possibly in
combination with 'public' information from other databases given in advance. A
'blackbox' mechanism is also part of a DLTTS, and it is meant as an oracle; its
role is to tell if the private information has been deduced by the adversary at
the current node, and if so terminate the run. An additional special feature is
that the blackbox also gives information on how 'close',or how 'far', the
knowledge of the adversary is, from the private information P , at the current
node. A metric is defined for that purpose, on the set of all 'type compatible'
tuples from the given database, the data themselves being typed with the
headers of the base. Despite the transition systems flavor of our framework,
this metric is not 'behavioral' in the sense presented in some other works. It
is exclusively database oriented,and allows to define new notions of adjacency
and of -indistinguishabilty between databases, more generally than those
usually based on the Hamming metric (and a restricted notion of adjacency).
Examples are given all along to illustrate how our framework works.
Keywords:Database, Privacy, Transition System, Probability, Distribution
An Adversarial Learning Framework for Privacy Preserving Communications
We develop a machine learning-based approach that allows to achieve privacy in communications by exploiting an advantage at the physical layer. Our goal is to transmit useful data to the intended receiver while preventing sensitive data from leaking to an eavesdropper who has access to the channel. We adopt an adversarial approach involving two competing neural networks to learn efficient coding schemes that allow to regulate the tradeoff between quality and privacy.ope
Autonomic Parameter Tuning of Anomaly-Based IDSs: an SSH Case Study
Anomaly-based intrusion detection systems classify network traffic instances by comparing them with a model of the normal network behavior. To be effective, such systems are expected to precisely detect intrusions (high true positive rate) while limiting the number of false alarms (low false positive rate). However, there exists a natural trade-off between detecting all anomalies (at the expense of raising alarms too often), and missing anomalies (but not issuing any false alarms). The parameters of a detection system play a central role in this trade-off, since they determine how responsive the system is to an intrusion attempt. Despite the importance of properly tuning the system parameters, the literature has put little emphasis on the topic, and the task of adjusting such parameters is usually left to the expertise of the system manager or expert IT personnel. In this paper, we present an autonomic approach for tuning the parameters of anomaly-based intrusion detection systems in case of SSH traffic. We propose a procedure that aims to automatically tune the system parameters and, by doing so, to optimize the system performance. We validate our approach by testing it on a flow-based probabilistic detection system for the detection of SSH attacks
- …