Abstract interpretation-based approaches to Security - A Survey on Abstract Non-Interference and its Challenging Applications

@inproceedings{Mastroeni2013AbstractIA,
  title={Abstract interpretation-based approaches to Security - A Survey on Abstract Non-Interference and its Challenging Applications},
  author={Isabella Mastroeni},
  booktitle={Festschrift for Dave Schmidt},
  year={2013}
}
  • Isabella Mastroeni
  • Published in Festschrift for Dave Schmidt, 18 September 2013
  • Computer Science
In this paper we provide a survey on the framework of abstract non-interference. In particular, we describe a general formalization of abstract non-interference by means of three dimensions (observation, protection and semantics) that can be instantiated in order to obtain well known or even new weakened non-interference properties. Then, we show that the notions of abstract non-interference introduced in language-based security are instances of this more general framework which allows to… 

Abstract Code Injection - A Semantic Approach Based on Abstract Non-Interference

TLDR
This paper provides a semantic-based model for code injection that is parametric on what the programmer considers safe behaviors, and devises a mechanism for enforcing (abstract) code injection policies that soundly detects attacks, i.e., avoids false negatives.

Understanding and Enforcing Opacity

TLDR
A general framework for opacity is presented and its key differences and formal connections with such well-known information-flow models as non-interference, knowledge-based security, and declassification are explored.

Atomistic Galois insertions for flow sensitive integrity

Hypercollecting semantics and its application to static analysis of information flow

TLDR
A fixpoint characterisation of hypercollecting semantics, i.e. a "set of sets" transformer, is introduced; it enables the use of Galois connections for static analysis of secure information flow within the framework of abstract interpretation.

Abstract Program Slicing

TLDR
In the present article, the notion of abstract program slicing is formally defined, a general form of program slicing where properties of data are considered instead of their exact value.

Flexible Information-Flow Control

TLDR
This thesis presents work on ensuring that information processed by computing systems is not disclosed to third parties without the user's permission; i.e. to prevent unwanted flows of information.

MIME - A Formal Approach for Multiple Investigation in (Android) Malware Emulation Analysis

TLDR
A new dynamic and configurable approach to anti-emulation malware analysis, aiming at improving the transparency of existing analysis techniques and providing an abstract non-interference-based approach that models the fact that parameters can be modified dynamically and the corresponding executions compared.

MIME: A Formal Approach to (Android) Emulation Malware Analysis

TLDR
This paper proposes a new dynamic and configurable approach to anti-emulation malware analysis, aiming at improving the transparency of existing analysis techniques and providing an abstract non-interference-based approach that models the fact that parameters can be modified dynamically and the corresponding executions compared.

Improving Dynamic Code Analysis by Code Abstraction

TLDR
This work aims at characterizing code abstractions, for dynamically generated code, for which a given analysis works precisely, and investigates the relation between the code abstraction η and the semantic abstraction ρ.

Analyzing program dependencies for malware detection

TLDR
This work proposes a higher-order theory for ANI, later called HOANI, that allows studying program dependencies, and formalizes and studies the malware detection problem in terms of HOANI.

References

On the Rôle of Abstract Non-interference in Language-Based Security

TLDR
The role of the notion of Abstract Non-Interference in language based security is illustrated by explaining how it models both the weakening of attackers’ observational capability, and the declassification of private information.

Abstract non-interference: parameterizing non-interference by abstract interpretation

TLDR
This paper generalizes the notion of non-interference by making it parametric relative to what an attacker can analyze about the input/output information flow, and proves that this notion can be fully specified in the standard abstract interpretation framework.

The PER Model of Abstract Non-interference

TLDR
It is shown how abstract domain completeness can be used for enforcing the PER model of abstract non-interference, which allows us to derive unconstrained attacker models, which do not necessarily either observe all public information or ignore all private information.

A Proof System for Abstract Non-interference

TLDR
An inductive proof system is derived that allows us to characterize ANI properties inductively on the syntactic structure of programs and it is shown how this framework can be instantiated to language-based security.

A Per Model of Secure Information Flow in Sequential Programs

TLDR
The approach is inspired by (and in the deterministic case equivalent to) the use of partial equivalence relations in specifying binding-time analysis, and is thus able to specify security properties of higher-order functions and “partially confidential data”.

Adjoining classified and unclassified information by abstract interpretation

TLDR
It is proved that an adjoint relation exists between the power of the attacker and the amount of information released: the more the attacker can observe, the less information can be kept private.

Semantic-Based Code Obfuscation by Abstract Interpretation

TLDR
A general theory based on abstract interpretation is derived, where the potency of code obfuscation can be measured by comparing hidden properties in the lattice of abstract interpretations.

A semantic approach to secure information flow

Obfuscation by partial evaluation of distorted interpreters

TLDR
This work presents a novel approach to automatically generating obfuscated code P2 from any program P whose source code is given, and is applied to: code flattening, data-type obfuscation, and opaque predicate insertion.

A core calculus of dependency

TLDR
It is argued that there is a central notion of dependency common to these settings that can be captured within a single calculus, the Dependency Core Calculus (DCC), a small extension of Moggi's computational lambda calculus.