This shows you the differences between two versions of the page.
sql-guessing-advantage-analyser [2018/11/27 11:12] alisa [Quick guide] |
sql-guessing-advantage-analyser [2019/06/01 15:41] alisa [Quick guide] |
||
---|---|---|---|
Line 19: | Line 19: | ||
=== Sensitive attributes === | === Sensitive attributes === | ||
- | This input defines a set of sensitive components, which the attacker is trying to guess. The definition starts from a keyword ''leak''. For each sensitive attribute, the guess can either be ''exact'' (discrete attributes), or ''approx r'' (approximated by r > 0 units). The list of attributes is followed by the keyword cost and a number that defines the cost of leaking that attribute. | + | This input defines a set of sensitive components, which the attacker is trying to guess. For each sensitive attribute, the guess can either be ''exact'' (discrete attributes), or ''approx r'' (approximated by r > 0 units). The guesses can be combined into an expression using AND and OR operation, describing the case where leakage is considered successful. The expression can be followed by a single line containing keyword ''cost'' and a number that defines the cost of leaking that combination of attributes. By default, the cost is set to 100. |
<code> | <code> | ||
- | leak | + | ship.latitude approx 5 AND |
- | ship.latitude approx 5; | + | ship.longitude approx 5 |
- | ship.longitude approx 5; | + | |
cost 100 | cost 100 | ||
</code> | </code> | ||
In this example, the attacker wins iff he guesses //both// attributes ''latitude'' and ''longitude'' of some row of the table ''ship'' within 5-unit precision. The definition of "unit" depends on the data table, e.g. if the location was defined in miles, then a unit is also a mile. | In this example, the attacker wins iff he guesses //both// attributes ''latitude'' and ''longitude'' of some row of the table ''ship'' within 5-unit precision. The definition of "unit" depends on the data table, e.g. if the location was defined in miles, then a unit is also a mile. | ||
- | If the attacker wins if he guesses //either// ''latitude'' or ''longitude'', we specify it as two distinct sensitive sets, each having its leakage cost. | + | If we want to express that the attacker wins if he guesses //either// ''latitude'' or ''longitude'', we replace AND operation with OR. |
- | <code> | + | |
- | leak | + | |
- | ship.latitude approx 5; | + | |
- | cost 30 | + | |
- | + | ||
- | leak | + | |
- | ship.longitude approx 5; | + | |
- | cost 70 | + | |
- | </code> | + | |
=== Attacker settings === | === Attacker settings === |
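Review bot: The rewritten OR paragraph (the added line beginning "If we want to express that the attacker wins if he guesses //either//") drops the removed example's separate costs (''cost 30'' for latitude, ''cost 70'' for longitude), and the new text allows only "a single line containing keyword ''cost''" per expression, so the guide no longer says how to give different attributes different leakage costs. State whether several expressions, each with its own cost line, may still be listed, or that this is no longer supported. That paragraph also has no code block any more; a short OR example in the new syntax (''ship.latitude approx 5 OR'' followed by ''ship.longitude approx 5'') would keep it as concrete as the AND case. The description of combining guesses should say how mixed AND/OR expressions are grouped (precedence, whether parentheses are allowed), whether the blank line before ''cost 100'' in the new example is required, and whether inputs written with the old ''leak'' keyword and '';'' terminators are still accepted. Wording: "using AND and OR operation" should read "using the AND and OR operations".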