Using Evolutionary Diversity to Identify Problematic Software Parameters

Many computer performance and security issues can be attributed to poor software configuration settings (misconfigurations). However, finding and resolving errors is complicated by the number of parameters to set and the complexity (unsuspected interdependencies) of these configurations. This problem only becomes more difficult as software systems become more integrated and complex. This paper introduces an evolutionary technique to identify and resolve parameter errors found in software configurations. The approach discovers characteristics of correct and incorrect parameter settings by comparing and contrasting a set of configurations. The composition of the configuration set is important and must contain sufficient information to identify and resolve the errors. Given the difficulty of forming this set, an evolutionary algorithm is used to discover configurations that have these characteristics. The effectiveness of this approach is analyzed experimentally through a study of various configurations with various security issues. Experimental results indicate the approach is able to identify and determine secure parameter settings when confronted with a variety of simulated attacks.