Title :
A Statistical Test for Information Leaks Using Continuous Mutual Information
Author :
Chothia, Tom ; Guha, Apratim
Author_Institution :
Sch. of Comput. Sci., Univ. of Birmingham, Birmingham, UK
Abstract :
We present a statistical test for detecting information leaks in systems with continuous outputs. We use continuous mutual information to detect the information leakage from trial runs of a probabilistic system. It has been shown that there is no universal rate of convergence for sampled mutual information, however when the leakage is zero, and under some reasonable conditions, we establish a rate for the sampled estimate, and show that it can converge to zero very quickly. We use this result to develop a statistical test for information leakage, and we use our new test to analyse a number of possible fixes for a time-based information leak in e-passports. We compare our new test with existing statistical methods, and we find that our test outperforms these other tests in almost all cases, and in one case in particular, ours is the only statistical test that can detect an information leak.
Keywords :
security of data; statistical analysis; continuous mutual information; e-passports; information leak detection; probabilistic system; security faults; statistical methods; statistical test; time-based information leak; Computer security; Continuous Mutual Information; Information Theory; Information leakage; Statistics; e-Passport;
Conference_Titel :
Computer Security Foundations Symposium (CSF), 2011 IEEE 24th
Conference_Location :
Cernay-la-Ville
Print_ISBN :
978-1-61284-644-6
DOI :
10.1109/CSF.2011.19
