Statistical Model Checking for Hyperproperties
Hyperproperties have shown to be a powerful tool for expressing and reasoning about information-flow security policies. In this paper, we investigate the problem of statistical model checking (SMC) for hyperproperties. Unlike exhaustive model checking, SMC works based on drawing samples from the sys...
Saved in:
Main author: | Wang, Yu; Nalluri, Siddhartha; Bonakdarpour, Borzoo; Pajic, Miroslav |
---|---|
Format: | Article |
Language: | eng |
Subject headings: | Computer Science - Cryptography and Security; Computer Science - Formal Languages and Automata Theory; Computer Science - Logic in Computer Science |
Online access: | Order full text |
Field | Value |
---|---|
creationdate | 2019-02-11 |
rights | http://arxiv.org/licenses/nonexclusive-distrib/1.0 |
creator | Wang, Yu; Nalluri, Siddhartha; Bonakdarpour, Borzoo; Pajic, Miroslav |
description | Hyperproperties have been shown to be a powerful tool for expressing and reasoning
about information-flow security policies. In this paper, we investigate the
problem of statistical model checking (SMC) for hyperproperties. Unlike
exhaustive model checking, SMC works by drawing samples from the system
at hand and evaluating the specification with statistical confidence. The main
benefit of applying SMC over exhaustive techniques is its efficiency and
scalability. To reason about probabilistic hyperproperties, we first propose
the temporal logic HyperPCTL* that extends PCTL* and HyperPCTL. We show that
HyperPCTL* can express important probabilistic information-flow security
policies that cannot be expressed with HyperPCTL. Then, we introduce SMC
algorithms for verifying HyperPCTL* formulas on discrete-time Markov chains,
based on sequential probability ratio tests (SPRT) with a new notion of
multi-dimensional indifference region. Our SMC algorithms can handle both
non-nested and nested probability operators for any desired significance level.
To show the effectiveness of our technique, we evaluate our SMC algorithms on
four case studies focused on information security: timing side-channel
vulnerability in encryption, probabilistic anonymity in dining cryptographers,
probabilistic noninterference of parallel programs, and the performance of a
randomized cache replacement policy that acts as a countermeasure against cache
flush attacks. |
doi_str_mv | 10.48550/arxiv.1902.04111 |
format | Article |
fulltext | fulltext_linktorsrc |
identifier | DOI: 10.48550/arxiv.1902.04111 |
language | eng |
recordid | cdi_arxiv_primary_1902_04111 |
source | arXiv.org |
subjects | Computer Science - Cryptography and Security; Computer Science - Formal Languages and Automata Theory; Computer Science - Logic in Computer Science |
title | Statistical Model Checking for Hyperproperties |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-15T22%3A42%3A17IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Statistical%20Model%20Checking%20for%20Hyperproperties&rft.au=Wang,%20Yu&rft.date=2019-02-11&rft_id=info:doi/10.48550/arxiv.1902.04111&rft_dat=%3Carxiv_GOX%3E1902_04111%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |
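The abstract describes checking probabilistic information-flow hyperproperties by sampling executions of a discrete-time Markov chain and deciding with a sequential probability ratio test (SPRT) that uses an indifference region. The Python script below is an added illustration of that idea; it is not code from the paper or its authors and does not reproduce the paper's HyperPCTL* semantics or its multi-dimensional indifference region. It reduces one probabilistic-noninterference question (do executions with secret 0 and secret 1 produce the same observable output distribution?) to the success probability of a distinguisher that sees one execution's output and guesses the secret, and tests that single probability with Wald's SPRT against a threshold with a one-dimensional indifference region. The two toy programs `leaky_program` and `secure_program`, the advantage bound, the indifference width and the error levels are all constructed for this illustration.

```python
"""Sequential statistical check of a probabilistic noninterference property.

Added illustration (not the paper's code). The two-execution question
"do runs with secret 0 and secret 1 produce the same observable distribution?"
is reduced to the success probability q of a distinguisher that sees one
run's output and guesses the secret; q is then tested with Wald's SPRT
against a threshold with a one-dimensional indifference region.
"""
import math
import random
from typing import Callable, Dict, Tuple

# Toy discrete-time Markov chains (constructed for this illustration):
# each function is one execution of a program with secret bit `s` and
# returns the one attacker-observable output bit.

def leaky_program(s: int, rng: random.Random) -> int:
    """Output equals the secret with probability 0.9: a probabilistic leak."""
    return s if rng.random() < 0.9 else 1 - s

def secure_program(s: int, rng: random.Random) -> int:
    """Output is a fair coin whatever the secret is: noninterferent."""
    del s  # the secret never influences the observable output
    return 1 if rng.random() < 0.5 else 0

def distinguisher_sample(program: Callable[[int, random.Random], int],
                         guess: Callable[[int], int], rng: random.Random) -> int:
    """One Bernoulli sample: draw a uniform secret, run the program once,
    let the observer guess the secret from the output. Returns 1 on a correct
    guess. P(correct) = 1/2 + (P[guess=1 | s=1] - P[guess=1 | s=0]) / 2, so it
    is exactly 1/2 when the two executions' output distributions coincide."""
    s = rng.randrange(2)
    return int(guess(program(s, rng)) == s)

def sprt(sample: Callable[[], int], theta: float, delta: float,
         alpha: float, beta: float, max_samples: int = 200_000) -> Tuple[str, int]:
    """Wald's SPRT for an unknown Bernoulli parameter q.
        H0: q <= theta - delta     H1: q >= theta + delta
    (theta - delta, theta + delta) is the indifference region, where either
    verdict is acceptable. Outside it, P(say H1 | H0) <= alpha and
    P(say H0 | H1) <= beta. Returns (verdict, samples used)."""
    p0, p1 = theta - delta, theta + delta
    assert 0.0 < p0 < p1 < 1.0
    upper = math.log((1 - beta) / alpha)       # accept H1 once the log-LR exceeds this
    lower = math.log(beta / (1 - alpha))       # accept H0 once it drops below this
    step_one = math.log(p1 / p0)               # log-likelihood ratio of a 1 sample
    step_zero = math.log((1 - p1) / (1 - p0))  # log-likelihood ratio of a 0 sample
    log_lr = 0.0
    for n in range(1, max_samples + 1):
        log_lr += step_one if sample() else step_zero
        if log_lr >= upper:
            return "H1", n
        if log_lr <= lower:
            return "H0", n
    return "undecided", max_samples

def check_noninterference(program: Callable[[int, random.Random], int],
                          advantage_bound: float, delta: float,
                          alpha: float = 0.01, beta: float = 0.01,
                          seed: int = 7) -> Dict[str, object]:
    """Report a leak if some observer of the one-bit output guesses the secret
    with advantage above `advantage_bound` (advantage a means q = 1/2 + a/2).
    For a one-bit output the only guessing rules are `out` and `not out`;
    each is tested and a leak in either direction counts."""
    rng = random.Random(seed)  # fixed seed so the run is reproducible
    theta = 0.5 + advantage_bound / 2
    results: Dict[str, Tuple[str, int]] = {}
    for name, guess in (("guess=out", lambda o: o), ("guess=not out", lambda o: 1 - o)):
        results[name] = sprt(lambda: distinguisher_sample(program, guess, rng),
                             theta, delta, alpha, beta)
    return {"leak": any(v == "H1" for v, _ in results.values()), "tests": results}

if __name__ == "__main__":
    for prog in (leaky_program, secure_program):
        # bound 0.3 -> theta = 0.65; delta 0.05 -> H0: q <= 0.6, H1: q >= 0.7
        print(prog.__name__, check_noninterference(prog, advantage_bound=0.3, delta=0.05))
```

With the parameters in the usage block, `leaky_program` (q = 0.9 for the `guess=out` rule) is reported as a leak after a few dozen samples and `secure_program` (q = 0.5 for both rules) as secure after roughly a hundred, with the Wald error bounds alpha and beta holding only for true probabilities outside the indifference region; the closer q lies to the thresholds 0.6 and 0.7, the more samples the test consumes, which is why the loop is capped and returns "undecided" rather than running forever. The reduction covers only the observable and output alphabet chosen here; an output with more than two values needs a guessing rule per output value, and the paper's multi-dimensional construction is what lets one compare several sampled probabilities in one test instead.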