One problem with patching software vulnerabilities is that an attacker can learn from the patch that the vulnerability exists in unpatched systems. To circumvent this problem, a recent approach called ghost patches hides the real patch among several faux patches. When only the binaries of the ghost (= real + faux) patches are published, an attacker should not be able to decide which of the patched vulnerabilities was actually real and which were faux.
The focus of this thesis is on the analysis of the proposed patch generation algorithm. For this, ghost patches have to be generated and their binaries analyzed. Then, faux and real patches have to be evaluated by statistical means.