TY - GEN
T1 - Eliminating Vulnerabilities by Disabling Unwanted Functionality in Binary Programs
AU - Mansouri, Mohamad
AU - Xu, Jun
AU - Portokalidis, Georgios
N1 - Publisher Copyright: © 2023 ACM.
PY - 2023/7/10
Y1 - 2023/7/10
N2 - Driven by application diversification and market needs, software systems are integrating new features rapidly. However, this "feature creep" can compromise software security, as more code carries the risk of more vulnerabilities. This paper presents a system for disabling features activated by common input types, using a component called F-detector to detect feature-associated program control flow branches. The system includes a second component called F-blocker to disable features without disrupting application continuity. It does so by treating unwanted features as unexpected errors and leveraging error virtualization to recover execution, by redirecting it to appropriate existing error handling code. We implemented and evaluated the system on the Linux platform using 145 features from 9 programs, and results show that it can detect and disable all features with few errors, hence, outperforming previous works in terms of vulnerability mitigation through debloating.
AB - Driven by application diversification and market needs, software systems are integrating new features rapidly. However, this "feature creep" can compromise software security, as more code carries the risk of more vulnerabilities. This paper presents a system for disabling features activated by common input types, using a component called F-detector to detect feature-associated program control flow branches. The system includes a second component called F-blocker to disable features without disrupting application continuity. It does so by treating unwanted features as unexpected errors and leveraging error virtualization to recover execution, by redirecting it to appropriate existing error handling code. We implemented and evaluated the system on the Linux platform using 145 features from 9 programs, and results show that it can detect and disable all features with few errors, hence, outperforming previous works in terms of vulnerability mitigation through debloating.
KW - Feature removal
KW - binary analysis
KW - tracing
KW - vulnerability removal
UR - http://www.scopus.com/inward/record.url?scp=85168146287&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85168146287&partnerID=8YFLogxK
U2 - 10.1145/3579856.3595796
DO - 10.1145/3579856.3595796
M3 - Conference contribution
AN - SCOPUS:85168146287
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 259
EP - 273
BT - ASIA CCS 2023 - Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security
T2 - 18th ACM ASIA Conference on Computer and Communications Security, ASIA CCS 2023
Y2 - 10 July 2023 through 14 July 2023
ER -