Bayesian inference to evaluate information leakage in complex scenarios

Abstract

Common security evaluation methods require the estimation of the likelihood of a hidden state given an observation of the system. For instance: identifying the type of tampering on an image given the tampered file, identifying communication partner given an anonymous channel trace, identifying the location from where a service has been accessed given an obfuscated version of this location. In this talk we explore the suitability of Bayesian Inference techniques, specifically Markov Chain Monte Carlo methods, to evaluate information leakage in complex scenarios. Using anonymity systems, in particular mix networks, as case study we show that casting problems in the context of Bayesian inference provides an appropriate framework to evaluate security properties (e.g., traceability of messages) in complex constraints. We present a generative probabilistic model of mix network architectures that incorporates a number of attack techniques in the trace analysis literature. We use the model to build a Markov Chain Monte Carlo inference engine based on the Metropolis-Hastings algorithm that calculates the probabilities of who is talking to whom given an observation of network traces. Finally, we briefly overview other Bayesian techniques, such as Gibbs sampling and particle filtering, that are useful to tackle other security problems, like user profiling, or to consider dynamic behaviour.