Keeping Secrets: Multi-objective Genetic Improvement for Detecting and Reducing Information Leakage

Submitted to ASE22.
Disclaimer: The material here is under review and not meant for distribution. Please do not use or reveal information on this site or share the link until the paper review period is complete.

Test Subjects

There are 6 test subjects used in the research:

1. Apple Talk (Atalk) was taken from [22] and code adapted from atalk_getname function is in net/appletalk/ddp.c file from Linux 2.6.30 version.
2. Bignum bin2bn function in crypto/bn/bn_lib.c file from openssl-1.1.1j version.
3. Classify was prepared by the authors to demonstrate the need for multi-objective optimization.
4. Heartbleed dtls1_process_heartbeat is in ssl/d1_both.c file in openssl-1.0.1f version and reported by CVE-2014-0160.
5. Triangle was taken from [31]
6. Underflow was taken from [22].

Test Inputs

1. Atalk
2. Bignum
3. Classify
4. Heartbleed
5. Triangle
6. Underflow

Artifacts

Top 10 results from parameter tuning tests can be found here.

There are results from 3 tests:

1. Download Parameter tuning tests
2. Download Single objective LeakReducer tests
3. Download Multi-objective tests part1 part2

Every zip file has study subjects as subfolders. E.g. Multi-objective tests has subject subfolders like: Atalk, Bignum, etc. Then, in every subject folder there are algorithms or test method subfolders, like: MOCell, SPEA2, etc. Under algorithms job ids are listed.

Every folder contains information for one job (one run). For example, MO-part1/Triangle/MOCell/640827 folder contains job information for the jobid 640827 for the Triangle test subject using MOCell algorithm. And, that contains the following files

• FUN.MOCell-triangle-640827-9
• MOCell-9-6408270-triangle.c
• MOCell-9-6408271-triangle.c
• MOCell-9-6408272-triangle.c
• MOCell-9-6408273-triangle.c
• MOCell-triangle-640827-9.png
• VAR.MOCell-triangle-640827-9
• errtslr-640827.txt
• out-all-M1-C0.5-P50-640827.txt
• outtslr-640827.txt

where

• Each of AlgorithmName*.c file contains one program variant reported by LeakReducer. Single objective algorithm reports one solution. Multi-objective algorithms may report one or more solutions.
• FUN.. file contains fitness results reported by jMetalPy
• VAR.. file contains list of mutation operators for each program variant (solution) listed. Every program variant may contain several mutation operators. And mutation operators for each program variant is separated by an empty line.
• out-*.txt file contains report prepared by LeakReducer. Report files contain
  • Reported objective values,
  • Algorithm name
  • Problem name
  • HyperVolume for MO algorithms
  • Number of solutions found for MO algorithms
  • Elapsed time in seconds
  • Statements found in the program
  • Identifiers found in the program
• err*.txt and out*slr*.txt files are the report files prepared by the HPC job
• And, there is *.png file for MO jobs which plots reported pareto front.