File Download
Links for fulltext
(May Require Subscription)
- Scopus: eid_2-s2.0-85075861768
- WOS: WOS:000509775000099
Supplementary
- Citations:
- Appears in Collections:
Conference Paper: Razor: A framework for post-deployment software debloating
Title | Razor: A framework for post-deployment software debloating |
---|---|
Authors | |
Issue Date | 2019 |
Citation | The 28th USENIX Security Symposium, Santa Clara, CA, 14-16 August 2019. In Proceedings of the 28th USENIX Security Symposium, 2019, p. 1733-1750 How to Cite? |
Abstract | Commodity software typically includes a large number of functionalities for a broad user population. However, each individual user usually only needs a small subset of all supported functionalities. The bloated code not only hinders optimal execution, but also leads to a larger attack surface. Recent works have explored program debloating as an emerging solution to this problem. Unfortunately, these works require program source code, limiting their real-world deployability. In this paper, we propose a practical debloating framework, RAZOR, that performs code reduction for deployed binaries. Based on users' specifications, our tool customizes the binary to generate a functional program with minimal code size. Instead of only supporting given test cases, RAZOR takes several control-flow heuristics to infer complementary code that is necessary to support user-expected functionalities. We evaluated RAZOR on commonly used benchmarks and real-world applications, including the web browser FireFox and the close-sourced PDF reader FoxitReader. The result shows that RAZOR is able to reduce over 70% of the code from the bloated binary. It produces functional programs and does not introduce any security issues. RAZOR is thus a practical framework for debloating real-world programs. |
Persistent Identifier | http://hdl.handle.net/10722/303632 |
ISBN | |
ISI Accession Number ID |
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Qian, Chenxiong | - |
dc.contributor.author | Hu, Hong | - |
dc.contributor.author | Alharthi, Mansour | - |
dc.contributor.author | Chung, Pak Ho | - |
dc.contributor.author | Kim, Taesoo | - |
dc.contributor.author | Lee, Wenke | - |
dc.date.accessioned | 2021-09-15T08:25:42Z | - |
dc.date.available | 2021-09-15T08:25:42Z | - |
dc.date.issued | 2019 | - |
dc.identifier.citation | The 28th USENIX Security Symposium, Santa Clara, CA, 14-16 August 2019. In Proceedings of the 28th USENIX Security Symposium, 2019, p. 1733-1750 | - |
dc.identifier.isbn | 9781939133069 | - |
dc.identifier.uri | http://hdl.handle.net/10722/303632 | - |
dc.description.abstract | Commodity software typically includes a large number of functionalities for a broad user population. However, each individual user usually only needs a small subset of all supported functionalities. The bloated code not only hinders optimal execution, but also leads to a larger attack surface. Recent works have explored program debloating as an emerging solution to this problem. Unfortunately, these works require program source code, limiting their real-world deployability. In this paper, we propose a practical debloating framework, RAZOR, that performs code reduction for deployed binaries. Based on users' specifications, our tool customizes the binary to generate a functional program with minimal code size. Instead of only supporting given test cases, RAZOR takes several control-flow heuristics to infer complementary code that is necessary to support user-expected functionalities. We evaluated RAZOR on commonly used benchmarks and real-world applications, including the web browser FireFox and the close-sourced PDF reader FoxitReader. The result shows that RAZOR is able to reduce over 70% of the code from the bloated binary. It produces functional programs and does not introduce any security issues. RAZOR is thus a practical framework for debloating real-world programs. | - |
dc.language | eng | - |
dc.relation.ispartof | Proceedings of the 28th USENIX Security Symposium | - |
dc.title | Razor: A framework for post-deployment software debloating | - |
dc.type | Conference_Paper | - |
dc.description.nature | link_to_OA_fulltext | - |
dc.identifier.scopus | eid_2-s2.0-85075861768 | - |
dc.identifier.spage | 1733 | - |
dc.identifier.epage | 1750 | - |
dc.identifier.isi | WOS:000509775000099 | - |