Lightweight, Multi-Stage, Compiler-Assisted Application Specialization

by   Mohannad Alhanahnah, et al.

Program debloating aims to enhance the performance and reduce the attack surface of bloated applications. Several techniques have been recently proposed to specialize programs. These approaches are either based on unsound strategies or demanding techniques, leading to unsafe results or a high overhead debloating process. In this paper, we address these limitations by applying partial-evaluation principles to generate specialized applications. Our approach relies on a simple observation that an application typically consists of configuration logic, followed by the main logic of the program. The configuration logic specifies what functionality in the main logic should be executed. LMCAS performs partial interpretation to capture a precise program state of the configuration logic based on the supplied inputs. LMCAS then applies partial-evaluation optimizations to generate a specialized program by propagating the constants in the captured partial state, eliminating unwanted code, and preserving the desired functionalities. Our evaluation of LMCAS on commonly used benchmarks and real-world applications shows that it successfully removes unwanted features while preserving the functionality and robustness of the deblated programs, runs faster than prior tools, and reduces the attack surface of specialized programs. LMCAS runs 1500x, 4.6x, and 1.2x faster than the state-of-the-art debloating tools CHISEL, RAZOR, and OCCAM, respectively; achieves 25 code-reuse attacks by removing 51.7 of known CVE vulnerabilities


page 1

page 2

page 3

page 4


TWAM: A Certifying Abstract Machine for Logic Programs

Type-preserving (or typed) compilation uses typing derivations to certif...

HODOR: Shrinking Attack Surface on Node.js via System Call Limitation

Node.js provides Node.js applications with system interaction capabiliti...

Partial Evaluation of Logic Programs in Vector Spaces

In this paper, we introduce methods of encoding propositional logic prog...

Debloating Software through Piece-Wise Compilation and Loading

Programs are bloated. Our study shows that only 5 across Ubuntu Desktop ...

Logic program specialisation through partial deduction: Control issues

Program specialisation aims at improving the overall performance of prog...

Offline Specialisation in Prolog Using a Hand-Written Compiler Generator

The so called "cogen approach" to program specialisation, writing a comp...

BRF: eBPF Runtime Fuzzer

The eBPF technology in the Linux kernel has been widely adopted for diff...

Please sign up or login with your details

Forgot password? Click here to reset