Security of
Numerical Sensors in
Finite Automata
Zhe Dang
Dmitry Dementyev
Thomas R. Fischer
William J. Hutton, III
Washington State University – Pullman, WA USA
Overview
• Introduction
• Mathematical foundation for computer security
• The “CIA” triad
• Covert channels
• Our theorems (with examples)
• Conclusion
Introduction
Mathematical
foundation for
computer security
Ad hoc experiences are not science!
The CIA triad
• Confidentiality
• Integrity
• Availability
Confidentiality
“Confidentiality is the concealment of
information or resources.”
Covert channels
“A covert channel is a path of communication that was
not designed to be used for communication.”
-- Matt Bishop
(Covert communication can be implicit!)
A simple covert writer as a finite automata
A simple covert reader as a finite automata
Our theorems
Theorem 1. With high probability (i.e. the probability goes to 1 as the value min(Nleft, Nright ) ® ¥)
Theorem 2. I(G) = log M
Maximal
mutual information
• Graph theory
• Nodes, edges
• Graphs, bipartite graphs, multi-bipartite graphs
• Matching, maximal matching
• Information theory
• Mutual information
• Entropy
Graph Theory
Nodes, edges, and connectedness
Graph Theory
Nodesleft
Nodesright
Graph Theory
Nodesleft
Nodesright
Secure Numerical
Sensing in Automata
Multicounter Automata M
C
high(C)
V Reversal-Bounded Counters
7
6
5
4
3
2
1
0
10
9
8
7
6
5
4
3
2
1
0
3
2
1
V1
V2
V..
0
1
2
3
2
1
0
Vk
k
åV
i=0
low(V)
i
Secure Numerical
Sensing in Automata
Multicounter Automata M
C
high(C) =
{Cn,,{7, 10, 3, 0}}
V Reversal-Bounded Counters
7
6
5
4
3
2
1
0
10
9
8
7
6
5
4
3
2
1
0
3
2
1
V1
V2
V..
0
1
2
3
2
1
0
Vk
k
åV
i=0
low(V) =
20
i
Theorems 3-6
3. The information rate of a regular language is computable
[5].
4. A suffix-closed regular language is converging.
5. For a semilinear set V, [V] is a converging regular language.
6. For numerical sensors ‘low’ and ‘high’, when their set of
measurements is effectively a semilinear set, the mutual
information rate I(low, high) is computable.
Theorems 7-10
7. For integer numerical sensors ‘low’ and ‘high’, when their
measurements set is Presburger definable, the mutual information
rate I(low, high) is computable.
8. Suppose that ‘low’ and ‘high’ are linear numerical sensors in a
reversal-bounded NPCM M. Then the mutual information rate
I(low, high) is computable.
9. For a 2-tape NFA M, its mutual information rate I(low, high) is
computable…
10. For a k-tape NFA M augmented with reversal-bounded counters
its mutual information rate I(low, high) is computable…
Conclusion
Computability
• The mutual information rate between two sensors is
computable for some computational models.
• Nondeterministic pushdown automata augmented with
reversal-bounded counters
• Discrete timed automata
Analysis
• The computed mutual information rate can be used to
determine if there is no information flow between
sensors.
• This provides a method to quantitatively and
algorithmically analyze some types of covert channels.
Thank You
[email protected]