Static Evaluation of Noninterference Using Approximate Model Counting

Explore a static analysis method for measuring interference in software, presented at the 2018 IEEE Symposium on Security & Privacy. Delve into the concept of noninterference as a security definition for secret values in procedures, and learn how to assess interference using model counting techniques. Discover a flexible interference assessment approach that quantifiably improves accuracy with increased computational effort. Examine case studies demonstrating the effectiveness of this method, including leakage scenarios in search engine auto-complete responses, secrets subjected to compression with attacker-controlled inputs, and TCP sequence numbers from shared counters. Gain insights into information leakage, quantitative information flow, and interference between secret sets. Understand the proposed new measure for assessing interference and its potential applications in improving software security.