Quantitative Information Flow (QIF) provides a robust information-theoretical framework for designing secure systems with minimal information leakage. While previous research has addressed the design of such systems under hard constraints (e.g. application limitations) and soft constraints (e.g. utility), scenarios often arise where the core system's behavior is considered fixed. In such cases, the challenge is to design a new component for the existing system that minimizes leakage without altering the original system. In this work, we address this problem by proposing optimal solutions for constructing a new row in a known and unmodifiable information-theoretic channel, with the aim of minimizing the leakage. We first model two types of adversaries: an exact-guessing adversary, aiming to guess the secret in one try, and an s-distinguishing one, which tries to distinguish the secret s from all the other secrets. Then, we discuss design strategies for both fixed and unknown priors by offering, for each adversary, an optimal solution under linear constraints, using Linear Programming. We apply our approach to the problem of website fingerprinting defense, considering a scenario where a site administrator can modify their own site but not others. We experimentally evaluate our proposed solutions against other natural approaches. First, we sample real-world news websites and then, for both adversaries, we demonstrate that the proposed solutions are effective in achieving the least leakage. Finally, we simulate an actual attack by training an ML classifier for the s-distinguishing adversary and show that our approach decreases the accuracy of the attacker.
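The new-row problem for the exact-guessing adversary with a fixed prior, as an added example (not the paper's code): the leakage measure is assumed to be posterior Bayes vulnerability, and with no further linear constraints on the row the linear program reduces to the closed form used here. The channel rows, priors and function names are constructed for illustration.

```python
# Added illustration: exact-guessing adversary, fixed prior, unconstrained new row.

def posterior_vulnerability(prior, channel):
    """Posterior Bayes vulnerability: sum over outputs y of max_s prior[s]*C[s][y]."""
    outputs = range(len(channel[0]))
    return sum(max(p * row[y] for p, row in zip(prior, channel)) for y in outputs)

def optimal_new_row(prior, fixed_rows):
    """Row for the last secret in `prior` that minimises posterior vulnerability.

    a[y] is the largest joint probability the adversary already obtains from the
    fixed rows on output y; the new row adds nothing while p_new*x[y] <= a[y].
    Since V >= max(sum(a), p_new) for any row, both branches below are optimal.
    """
    p_new = prior[-1]
    m = len(fixed_rows[0])
    a = [max(p * row[y] for p, row in zip(prior, fixed_rows)) for y in range(m)]
    total = sum(a)
    if total >= p_new:
        # Enough room: stay under the existing envelope, V remains sum(a).
        return [ay / total for ay in a]
    # New secret too likely to hide fully: fill the envelope, then spread
    # the remaining mass evenly, which gives V = p_new.
    slack = 1.0 - total / p_new
    return [ay / p_new + slack / m for ay in a]

# Constructed sample: three other sites (fixed rows) over four observable
# page-size buckets; the administrator's own site is the fourth secret.
FIXED = [
    [0.7, 0.2, 0.1, 0.0],
    [0.1, 0.6, 0.2, 0.1],
    [0.0, 0.1, 0.3, 0.6],
]
PRIOR = [0.2, 0.2, 0.2, 0.4]

def compare(prior=PRIOR, fixed=FIXED):
    """Posterior vulnerability for two natural rows and the optimal one."""
    m = len(fixed[0])
    candidates = {
        "uniform": [1.0 / m] * m,
        "copy_row_0": list(fixed[0]),
        "optimal": optimal_new_row(prior, fixed),
    }
    return {name: posterior_vulnerability(prior, fixed + [row])
            for name, row in candidates.items()}

if __name__ == "__main__":
    for name, v in compare().items():
        # Multiplicative Bayes leakage = posterior / prior vulnerability.
        print(f"{name:11s} V = {v:.4f}  leakage = {v / max(PRIOR):.4f}")
```

On this sample the uniform row and the copied row both raise the adversary's one-try success probability, while the computed row keeps it at the level the fixed rows already allow.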