Security of Numerical Sensors in Finite

AutomataZhe Dang

Dmitry DementyevThomas R. Fischer

William J. Hutton, III

Washington State University – Pullman, WA USA

Overview

• Introduction

• Mathematical foundation for computer security

• The “CIA” triad

• Covert channels

• Our theorems (with examples)

• Conclusion

Introduction

Mathematical foundation for

computer security

Ad hoc experiences are not science!

The CIA triad

• Confidentiality• Integrity• Availability

Confidentiality“Confidentiality is the concealment of

information or resources.”

Covert channels

“A covert channel is a path of communication that was not designed to be used for

communication.” -- Matt Bishop

(Covert communication can be implicit!)

A simple covert writer as a finite automata

A simple covert reader as a finite automata

Our theorems

Theorem 2. I(G) = log M

Maximal mutual information

• Graph theory• Nodes, edges• Graphs, bipartite graphs, multi-bipartite

graphs• Matching, maximal matching

• Information theory• Mutual information• Entropy

Graph Theory

Nodes, edges, and connectedness

Graph Theory

Nodesleft Nodesright

Graph Theory

Nodesleft Nodesright

Secure Numerical Sensing in Automata

C

Multicounter Automata M

76543210

109876543210

321

0123210

V Reversal-Bounded Counters

V1 V2 V.. Vkhigh(C) low(V)

Secure Numerical Sensing in Automata

C

Multicounter Automata M

76543210

109876543210

321

0123210

V Reversal-Bounded Counters

V1 V2 V.. Vkhigh(C) = {Cn,,{7, 10, 3, 0}}

low(V) = 20

Theorems 3-6

3. The information rate of a regular language is computable [5].

4. A suffix-closed regular language is converging.

5. For a semilinear set V, [V] is a converging regular language.

6. For numerical sensors ‘low’ and ‘high’, when their set of measurements is effectively a semilinear set, the mutual information rate I(low, high) is computable.

Theorems 7-10

7. For integer numerical sensors ‘low’ and ‘high’, when their measurements set is Presburger definable, the mutual information rate I(low, high) is computable.

8. Suppose that ‘low’ and ‘high’ are linear numerical sensors in a reversal-bounded NPCM M. Then the mutual information rate I(low, high) is computable.

9. For a 2-tape NFA M, its mutual information rate I(low, high) is computable…

10. For a k-tape NFA M augmented with reversal-bounded counters its mutual information rate I(low, high) is computable…

Conclusion

Computability

• The mutual information rate between two sensors is computable for some computational models.• Nondeterministic pushdown automata

augmented with reversal-bounded counters• Discrete timed automata

Analysis

• The computed mutual information rate can be used to determine if there is no information flow between sensors.

• This provides a method to quantitatively and algorithmically analyze some types of covert channels.

Thank Youwilliam.hutton@wsu.edu