Date Added: Mar 2010
Information theory provides a range of useful methods to analyze probability distributions and these techniques have been successfully applied to measure information flow and the loss of anonymity in secure systems. However, previous work has tended to assume that the exact probabilities of every action are known, or that the system is non-deterministic. In this paper, the authors show that measures of information leakage based on mutual information and capacity can be calculated, automatically, from trial runs of a system alone. They find a confidence interval for this estimate based on the number of possible inputs, observations and samples.