Information Leakage Detection through Approximate Bayes-optimal Prediction

TL;DR

This paper introduces a theoretical framework combining statistical learning and information theory to detect information leakage more accurately, overcoming limitations of traditional mutual information estimation methods.

Contribution

It proposes a novel approach using approximate Bayes-optimal prediction to estimate mutual information for leakage detection, validated through empirical experiments.

Findings

Outperforms existing methods in synthetic datasets

Effective in real-world TLS server data

Accurately estimates mutual information via log-loss approximation

Abstract

In today's data-driven world, the proliferation of publicly available information raises security concerns due to the information leakage (IL) problem. IL involves unintentionally exposing sensitive information to unauthorized parties via observable system information. Conventional statistical approaches rely on estimating mutual information (MI) between observable and secret information for detecting ILs, face challenges of the curse of dimensionality, convergence, computational complexity, and MI misestimation. Though effective, emerging supervised machine learning based approaches to detect ILs are limited to binary system sensitive information and lack a comprehensive framework. To address these limitations, we establish a theoretical framework using statistical learning theory and information theory to quantify and detect IL accurately. Using automated machine learning, we demonstrate that MI can be accurately estimated by approximating the typically unknown Bayes predictor's log-loss and accuracy. Based on this, we show how MI can effectively be estimated to detect ILs. Our method performs superior to state-of-the-art baselines in an empirical study considering synthetic and real-world OpenSSL TLS server datasets.