Abstract

Compiler optimizations can be functionally correct but not secure. In this work, we attempt to quantify the information leakage in a program for the security verification of compiler optimizations. Our work has the following contributions. We demonstrate that static taint analysis is applicable for security verification of compile optimizations. We develop a completely automated approach for quantifying the information leak in a program in the context of compiler optimizations. Our method avoids many false-positives scenarios due to implicit flow. It can handle leaks in a loop and propagates leaks over paths using the leak propagation vector. With our quantification parameters, we verify the relative security of source and transformed programs considering the optimizations phase of a compiler as a black box. Our experimental evaluations on benchmarks for various compiler optimizations in SPARK show that the SPARK compiler is actually leaky.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
$$\mathsf {BackFlow}$$: Backward Context-Sensitive Flow Reconstruction of Taint Analysis Results
Pietro Ferrara ... Luca Olivieri
-
Pietro Ferrara, et. al.Pietro Ferrara ... Luca Olivieri
01 Jan 2020
Comnoid: Information Leakage Detection using Data Flow Analysis on Android Devices
Sunita Dhavale ... Bhushan Lokhande
International Journal of Computer Applications | VOL. 134
Sunita Dhavale, et. al.Sunita Dhavale ... Bhushan Lokhande
15 Jan 2016
ConDySTA: Context-Aware Dynamic Supplement to Static Taint Analysis
Rocky Slavin ... Xiaoyin Wang
-
Rocky Slavin, et. al.Rocky Slavin ... Xiaoyin Wang
01 May 2021
Constructing a Hybrid Taint Analysis Framework for Diagnosing Attacks on Binary Programs
Zhujuan Ma ... Xuejian Li
Journal of Computers | VOL. 9
Zhujuan Ma, et. al.Zhujuan Ma ... Xuejian Li
03 Jan 2014
View more papers

More From: IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Paper Title
Journal
Date
Author
Hier-RTLMP: A Hierarchical Automatic Macro Placer for Large-Scale Complex IP Blocks
Andrew B Kahng ... Zhiang Wang
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems | VOL. 43
Andrew B Kahng, et. al.Andrew B Kahng ... Zhiang Wang
01 May 2024
Hierarchical Mapping of Large-Scale Spiking Convolutional Neural Networks Onto Resource-Constrained Neuromorphic Processor
Xun Xiao ... Junbo Tie
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems | VOL. 43
Xun Xiao, et. al.Xun Xiao ... Junbo Tie
01 May 2024
PhGraph: A High-Performance ReRAM-Based Accelerator for Hypergraph Applications
Xiaofei Liao ... Pengcheng Yao
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems | VOL. 43
Xiaofei Liao, et. al.Xiaofei Liao ... Pengcheng Yao
01 May 2024
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems publication information
-
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems | VOL. 43
--
01 May 2024
View more papers