Title :
Hybrid Information Flow Monitoring against Web Tracking
Author :
Besson, Frederic ; Bielova, Nataliia ; Jensen, T.
Author_Institution :
Inria, Rennes, France
Abstract :
Motivated by the problem of stateless web tracking (fingerprinting), we propose a novel approach to hybrid information flow monitoring by tracking the knowledge about secret variables using logical formulae. This knowledge representation helps to compare and improve precision of hybrid information flow monitors. We define a generic hybrid monitor parametrised by a static analysis and derive sufficient conditions on the static analysis for soundness and relative precision of hybrid monitors. We instantiate the generic monitor with a combined static constant and dependency analysis. Several other hybrid monitors including those based on well-known hybrid techniques for information flow control are formalised as instances of our generic hybrid monitor. These monitors are organised into a hierarchy that establishes their relative precision. The whole framework is accompanied by a formalisation of the theory in the Coq proof assistant.
Keywords :
Web sites; knowledge representation; security of data; Coq proof assistant; dependency analysis; fingerprinting; hybrid information flow monitoring; hybrid monitor; information flow control; knowledge representation; logical formulae; secret variables; stateless Web tracking; static constant analysis; Approximation methods; Browsers; Context; Monitoring; Reactive power; Security; Semantics; hybrid information flow monitoring; quantitative information flow; web tracking;
Conference_Titel :
Computer Security Foundations Symposium (CSF), 2013 IEEE 26th
Conference_Location :
New Orleans, LA
DOI :
10.1109/CSF.2013.23
