Skip to content

ATM: Implement the current endpoint filters as EndpointCharacteristics #11281

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tiferet merged 19 commits into from
Nov 29, 2022
Merged

ATM: Implement the current endpoint filters as EndpointCharacteristics #11281

tiferet merged 19 commits into from
Nov 29, 2022

Conversation

@tiferet
Copy link
Contributor

@tiferet tiferet commented Nov 16, 2022
edited
Loading

📢 This PR is a bit bigger, so commit-by-commit review might be easier. I've tried to make the commit comments as informative as possible.

Main changes

  • Implement both the standard and the type-specific endpoint filters as EndpointCharacteristics.
  • Move the definitions of isEffectiveSink and getAReasonSinkExcluded to the base class, as they can now be implemented generically for all sink types.
  • Changing the definition of getAReasonSinkExcluded is how we'd adjust which endpoints we score at inference time. For now I've implemented it to replicate the logic in the old code, so that results remain unaffected. I've tracked possible experiments to improve this selection in https://github.com/github/ml-ql-adaptive-threat-modeling/issues/2126.

A few notes

Note that this PR still sticks to the principle of not breaking any tests, except that I had to disambiguate three filters from three different sink types that all had the same name (fc56c5a), and that required a tiny update to FilteredTruePositives.expected (0fd013f).

Also note that the training data is unaffected because (for now) I've given all EndpointFilterCharacteristics medium confidence, whereas only high-confidence characteristics contribute to training set selection. AIUI, the reason endpoint filters weren't used to select negative training samples in the old code was precisely this: their accuracy is high enough that we don't want to waste inference time scoring these endpoints, but not high enough that we can reliably use them as negative training samples. It's worth having someone with the needed expertise (Stephan? 😉) go through them eventually to consider whether any should be promoted to high confidence. I tracked this possible experiment in https://github.com/github/ml-ql-adaptive-threat-modeling/issues/2126.

Timing checks

Closes https://github.com/github/ml-ql-adaptive-threat-modeling/issues/2100

Probably also closes https://github.com/github/ml-ql-adaptive-threat-modeling/issues/2101?

@github-actions github-actions bot added the ATM label Nov 16, 2022
@owen-mc owen-mc changed the title Implement the current endpoint filters as EndpointCharacteristics ATM: Implement the current endpoint filters as EndpointCharacteristics Nov 16, 2022
@tiferet
Implement the type-specific endpoint filters as EndpointCharacteristics.
fc56c5a 
Also disambiguate three filters from three different sink types that all have the same name, "not a direct argument to a likely external library call or a heuristic sink".
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 16, 2022
View reviewed changes
@tiferet
Move the definitions of isEffectiveSink and `getAReasonSinkExcluded…
eab270e 
…` to the base class.

They can now be implemented generically for all sink types.
@tiferet
Update the reason names in FilteredTruePositives.expected.
0fd013f 
This is needed because we changed the names of three endpoint filters that were all called "not a direct argument to a likely external library call or a heuristic sink" in order to disambiguate them (fc56c5a).
@tiferet
Be explicit in requiring that each ATM config set its endpoint type.
c2035e8
@tiferet
Fix CodeQL warnings
8fee9cb
@tiferet
isEffectiveSink can't be final because `ExtractMisclassifiedEndpoin…
38c40a7 
…tFeatures` overrides it.
@tiferet
Add a comment
ccbf1ca
@tiferet tiferet marked this pull request as ready for review November 16, 2022 21:25
@tiferet tiferet requested review from a team and kaeluka and removed request for a team November 16, 2022 21:25
@tiferet tiferet mentioned this pull request Nov 17, 2022
Merged
adityasharad
adityasharad reviewed Nov 18, 2022
View reviewed changes
Copy link
Collaborator

@adityasharad adityasharad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice. I can see the existing filtering logic translated into the new object-oriented hierarchy, and that you've taken care to preserve that logic.

My suggestions are mostly about the clarity and performance of the QL code, rather than the semantics of the filters. Most are not blocking but I hope will be useful.

@tiferet tiferet requested a review from adityasharad November 19, 2022 00:02
kaeluka
kaeluka suggested changes Nov 21, 2022
View reviewed changes
Copy link

@kaeluka kaeluka left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I love love love how this is remolding logic that used to be really hard to manage into something more maintainable. Things are really starting to fall into place! Thank you :)

The one complaint I have about this is how the StandardEndpointFilterCharacteristic class is being made magic by its usage in other modules. The bright side is that there's very easy fixes that I have outlined in my comments. Addressing these should be doable in 20-30min.

@tiferet
Address comment from code review:
1c9545e 
Make `SyntacticHeuristics` an explicit import
@kaeluka
Copy link

kaeluka commented Nov 22, 2022

I'm still working on this review, trying to figure out what the real problem is here and coming up with a specific solution. The PR's interdependencies are quite complex, which is why this has taken a little.

@kaeluka
Copy link

kaeluka commented Nov 22, 2022

I think I'm through with the review.

🤡 The PR sadly reproduces some of the confusing definitions we currently have in main. How the classes StandardEndpointFilterCharacteristic and EndpointFilterCharacteristic are used is quite confusing. This isn't a blocker though, as these classes will probably change LOTS during future experimentation. This is why I think we can safely ignore this paper cut for now and should focus on getting things done.

I'm a bit sick and will call it a day now.

✅ I consider the review of this PR done and approved, assuming you are making the StandardEndpointFilterCharacteristic private (for example, by adding the commit I linked above).
✅ I reviewed the PR that's removing a lot of files (😍) and all it'd need to be merged is a rebase.
🕥 Tomorrow, I'll work on reviewing the third PR (#11323) but to manage your expectations: that one sounds complex and might take a while to fully grok.

@tiferet
Copy link
Contributor Author

tiferet commented Nov 22, 2022

(Minor request: Do you mind using words rather than emoji? I don't remember off the top of my head what each emoji was meant to signify, and I had to spend some time searching for the slack thread to look up what 🤡 means)

tiferet
tiferet commented Nov 22, 2022
View reviewed changes
...experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll
// Don't surface endpoint filters as characteristics, because they were previously not surfaced.
// TODO: Experiment with surfacing these to the modeling code by removing the following line (and then make
// EndpointFilterCharacteristic private).
not characteristic instanceof EndpointFilterCharacteristic and
Copy link
Contributor Author

@tiferet tiferet Nov 22, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK, I see why your commit didn't fail endpoint_large_scale/ExtractEndpointDataTraining.qlref: It's because it didn't remove this line. If we were to raise the confidence of the endpoint filters without having this line, the training set would include all non-effective-sinks, which would be bad, because many of those are in fact low-confidence characteristics.

Do you see a point in making StandardEndpointFilterCharacteristic private without removing this line or making EndpointFilterCharacteristic private?

IMO, I think we need to be consistent: Either we use subclasses of EndpointCharacteristics to replicate the existing data for now, or we try to improve the logic at the same time that we improve the code, and each PR requires end-to-end testing. I definitely prefer the former. The nice thing is that, once we're ready to progress to the second phase, even without my TODO comments and issue tracking, we can easily look at all EndpointCharacteristics that aren't private and find the places they're used in the code, and that will tell us where we want to make improvements. Ultimately all EndpointCharacteristics should be private, with subclasses used only for two things: (1) Abstract classes are used to apply the same set of implications to many different subclasses without needing to overwrite getImplications() over and over. (2) Non-abstract classes are used to define the labels for type balancing through getEndpoints().

@tiferet tiferet requested a review from kaeluka November 22, 2022 18:09
@tiferet
Copy link
Contributor Author

tiferet commented Nov 22, 2022

✅ I consider the review of this PR done and approved, assuming you are making the StandardEndpointFilterCharacteristic private (for example, by adding the commit I linked above).

Unfortunately I don't think I can do that 😞. Or rather, I can do it by introducing a new confidence level, but that would further hide ugliness in a way that will make it harder to fix later. I know this back-and-forth is frustrating, and I'm sure a quick sync would be an easier way to reach resolution, but we can do that when you're feeling better -- please don't push yourself!

✅ I reviewed the PR that's removing a lot of files (😍) and all it'd need to be merged is a rebase.

Thank you! ❤️

🕥 Tomorrow, I'll work on reviewing the third PR (#11323) but to manage your expectations: that one sounds complex and might take a while to fully grok.

No rush! There's a chance that one is trickier than I realized. Luckily, if we do need big changes on that one, there's only one PR following it in the chain, so it won't require big changes to a long chain of subsequent PRs. Anyway, Thursday and Friday are bank holidays in the US, so unless that PR is unexpectedly ready for approval and merging tomorrow, it won't get merged before Monday. More importantly, get lots of rest and get healthy!

@kaeluka
Copy link

kaeluka commented Nov 23, 2022

More importantly, get lots of rest and get healthy!

Thank you! I agree, there's no point rushing this. I see several ways forward, we only need to find one that works for both of us. And enjoy your time off!

@tiferet
Filter endpoints by confidence
03b8e64 
Select endpoints to score at inference time base purely on their confidence level, and not on whether they fit the historical definition of endpoint filters.
@tiferet
Update the documentation
963407d
@tiferet
Merge pull request #11462 from github/tiferet/endpoint-filters-sidebar
72c46c6 
Endpoint filters added commits
@tiferet
Copy link
Contributor Author

tiferet commented Nov 28, 2022

@kaeluka I merged this change we agreed on into this PR, and updated the predicate's documentation accordingly. I think this addresses all your concerns, unless I lost track of something else in the long discussion 😅 Sending this back to you for final(?) review 🏓

@tiferet
Fix British spelling that code scanning didn't like.
7b0269c 
I've been working with Brits for too long :)
kaeluka
kaeluka approved these changes Nov 29, 2022
View reviewed changes
Copy link

@kaeluka kaeluka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🥳 :shipit: 👍

@tiferet tiferet merged commit f375b0c into main Nov 29, 2022
@tiferet tiferet deleted the tiferet/endpoint-filters branch November 29, 2022 20:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adityasharad adityasharad Awaiting requested review from adityasharad

1 more reviewer

@kaeluka kaeluka kaeluka approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

ATM

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@tiferet @kaeluka @adityasharad