SAILS: Static Analysis of Information Leakage With Sample

In this paper, the authors introduce Sails, a new tool that combines Sample, a generic static analyzer, and a sophisticated domain for leakage analysis. This tool does not require to modify the original language, since it works with mainstream languages like Java, and it does not require any manual annotation. Sails can combine the information leakage analysis with different heap abstractions, inferring information leakage over programs dealing with complex data structures. They applied Sails to the analysis of the SecuriBench-micro suite. The experimental results show the effectiveness of their approach.

Provided by: ETH Zurich Topic: Software Date Added: Nov 2011 Format: PDF

Find By Topic