Analysis of the execution time of a program and the leakage of sensitive information

Abstract

In the information security field of computer science, the questions of whether a program is safe or unsafe depends heavily on the inputs in which the program may leak sensitive information to an attacker who can observe the execution time of the program. Existing information- flow analyses achieve precision or scalability, but not both. Moreover, many of the current techniques to determine the safety of a program are slow and inefficient or require to much man power. Because of this, the inputs of programs and possible automatic research methods are being researched to fill the gap in determining whether a program is safe or unsafe.