Thesis Defense: Caroline Odell
Thursday, April 27, 2016 at 2:00pm in Manchester 017
Using Genetic Algorithms To Detect Security Related Software Parameter Chains
Configurations govern the operation of computer systems and their applications. Configurations consist of parameters, each of which has settings that control all of the various aspects of a system or application that can be changed. Many cyber attacks can be attributed to misconfigured software. Exploits can be caused by a single parameter setting or a combination of settings. Identifying these parameter settings that are responsible for the exploits is difficult, as configurations often consist of hundreds of thousands of parameters. Interdependencies between parameters adds to this challenge, as these parameters can appear in configurations that are vulnerable to an exploit as well as those that are not vulnerable to an exploit, based on the combination of parameter settings they appear with.
In this thesis, a method for detecting these security related parameters is introduced. By comparing configurations that are vulnerable to the same exploit, it is possible to narrow down the set of parameters that could be responsible for this exploit. Genetic Algorithms are used to generate the vulnerable configurations used for comparison. This method is able to correctly identify security related parameters.