Litcius/Paper detail

QFuzz: quantitative fuzzing for side channels

Yannic Noller, Saeid Tizpaz-Niari

202115 citationsDOIOpen Access PDF

Abstract

Side channels pose a significant threat to the confidentiality of software systems. Such vulnerabilities are challenging to detect and evaluate because they arise from non-functional properties of software such as execution times and require reasoning on multiple execution traces. Recently, noninterference notions have been adapted in static analysis, symbolic execution, and greybox fuzzing techniques. However, noninterference is a strict notion and may reject security even if the strength of information leaks are weak. A quantitative notion of security allows for the relaxation of noninterference and tolerates small (unavoidable) leaks. Despite progress in recent years, the existing quantitative approaches have scalability limitations in practice.

Topics & Concepts

Fuzz testingComputer scienceScalabilityEntropy (arrow of time)SoftwareSet (abstract data type)State (computer science)Data miningComputer securityMachine learningAlgorithmDatabaseProgramming languageQuantum mechanicsPhysicsSecurity and Verification in ComputingAdvanced Malware Detection TechniquesRadiation Effects in Electronics