TY - GEN
T1 - BLADE
T2 - 2023 IEEE Secure Development Conference, SecDev 2023
AU - Ali, Muaz
AU - Habib, Rumaisa
AU - Gehani, Ashish
AU - Rahaman, Sazzadur
AU - Uzmi, Zartash
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
AB - Existing source code debloaters fall short due to low scalability and high runtime overhead when applied in dynamic cloud settings, where instances are spun up on the fly. To address this challenge, we propose BLADE that leverages the common coding idioms and language restrictions to build simple yet effective heuristics for faster source-code debloating. For example, usually, coding constructs are defined before used. Thus, the probability of breaking code after the removal of a node reduces with the depth of its position in the syntax tree. Also, while debloating certain functionalities, statements from a basic block have a higher possibility of getting removed together. To utilize these insights, BLADE employs a hierarchical source code reduction, where reduction candidates are chosen with reverse pre-order traversal, so that it removes uses before the definitions. Low runtime overhead makes BLADE practical to apply code debloating to large workloads. Our evaluation shows that BLADE runs faster than existing source code debloating tools. Compared to Chisel, BLADE is, on average, 2.3× faster and provides comparable reductions in the code size and attack surfaces. In comparison to Debop, another source code debloater, BLADE, on average, is 2.75× faster.
KW - Program Debloating
KW - Source Code Debloating
UR - http://www.scopus.com/inward/record.url?scp=85179182582&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85179182582&partnerID=8YFLogxK
U2 - 10.1109/SecDev56634.2023.00022
DO - 10.1109/SecDev56634.2023.00022
M3 - Conference contribution
AN - SCOPUS:85179182582
T3 - Proceedings - 2023 IEEE Secure Development Conference, SecDev 2023
SP - 75
EP - 87
BT - Proceedings - 2023 IEEE Secure Development Conference, SecDev 2023
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 18 October 2023 through 20 October 2023
ER -