31 research outputs found
Security Assessment and Hardening of Fog Computing Systems
In recent years, there has been a shift in computing architectures, moving
away from centralized cloud computing towards decentralized edge and fog
computing. This shift is driven by factors such as the increasing volume of
data generated at the edge, the growing demand for real-time processing and
low-latency applications, and the need for improved privacy and data locality.
Although this new paradigm offers numerous advantages, it also introduces
significant security and reliability challenges. This paper aims to review the
architectures and technologies employed in fog computing and identify
opportunities for developing novel security assessment and security hardening
techniques. These techniques include secure configuration and debloating to
enhance the security of middleware, testing techniques to assess secure
communication mechanisms, and automated rehosting to speed up the security
testing of embedded firmware.Comment: 4 pages, Accepted for publication at The 34th IEEE International
Symposium on Software Reliability Engineering Workshops (ISSREW
Coverage-Based Debloating for Java Bytecode
Software bloat is code that is packaged in an application but is actually not
necessary to run the application. The presence of software bloat is an issue
for security, for performance, and for maintenance. In this paper, we introduce
a novel technique for debloating Java bytecode, which we call coverage-based
debloating. We leverage a combination of state-of-the-art Java bytecode
coverage tools to precisely capture what parts of a project and its
dependencies are used at runtime. Then, we automatically remove the parts that
are not covered to generate a debloated version of the compiled project. We
successfully generate debloated versions of 220 open-source Java libraries,
which are syntactically correct and preserve their original behavior according
to the workload. Our results indicate that 68.3% of the libraries' bytecode and
20.5% of their total dependencies can be removed through coverage-based
debloating. Meanwhile, we present the first experiment that assesses the
utility of debloated libraries with respect to client applications that reuse
them. We show that 80.9% of the clients with at least one test that uses the
library successfully compile and pass their test suite when the original
library is replaced by its debloated version
CARVE: Practical Security-Focused Software Debloating Using Simple Feature Set Mappings
Software debloating is an emerging field of study aimed at improving the
security and performance of software by removing excess library code and
features that are not needed by the end user (called bloat). Software bloat is
pervasive, and several debloating techniques have been proposed to address this
problem. While these techniques are effective at reducing bloat, they are not
practical for the average user, risk creating unsound programs and introducing
vulnerabilities, and are not well suited for debloating complex software such
as network protocol implementations. In this paper, we propose CARVE, a simple
yet effective security-focused debloating technique that overcomes these
limitations. CARVE employs static source code annotation to map software
features source code, eliminating the need for advanced software analysis
during debloating and reducing the overall level of technical sophistication
required by the user. CARVE surpasses existing techniques by introducing
debloating with replacement, a technique capable of preserving software
interoperability and mitigating the risk of creating an unsound program or
introducing a vulnerability. We evaluate CARVE in 12 debloating scenarios and
demonstrate security and performance improvements that meet or exceed those of
existing techniques.Comment: 8 pages, 4 figures, 2 tables, 1 appendi
LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks
The Bluetooth standard is ubiquitously supported by com-
puters, smartphones, and IoT devices. Due to its complex-
ity, implementations require large codebases, that are prone
to security vulnerabilities, such as the recently discovered
BlueBorne and BadBluetooth attacks. While defined by the
standard, most of the Bluetooth functionality, as defined by
different Bluetooth profiles, is not required in the common
usage scenarios.
Starting from this observation, we implement L IGHT B LUE ,
a framework performing automatic, profile-aware debloating
of Bluetooth stacks, allowing users to automatically minimize
their Bluetooth attack surface by removing unneeded Blue-
tooth features. L IGHT B LUE starts with a target Bluetooth
application, detects the associated Bluetooth profiles, and ap-
plies a combination of control-flow and data-flow analysis
to remove unused code within a Bluetooth host code. Fur-
thermore, to debloat the Bluetooth firmware, L IGHT B LUE
extracts the used Host Controller Interface (HCI) commands
and patches the HCI dispatcher in the Bluetooth firmware au-
tomatically, so that the Bluetooth firmware avoids processing
unneeded HCI commands.
We evaluate L IGHT B LUE on four different Bluetooth hosts
and three different Bluetooth controllers. Our evaluation
shows that L IGHT B LUE achieves between 32% and 50% code
reduction in the Bluetooth host code and between 57% and
83% HCI command reduction in the Bluetooth firmware. This
code reduction leads to the prevention of attacks responsible
for at least 20 CVEs, such as BlueBorne and BadBluetooth,
while introducing no performance overhead and without af-
fecting the behavior of the debloated application
REDUCING SOFTWARE’S ATTACK SURFACE WITH CODE DEBLOATING
Current software is designed to support a large spectrum of features to meet various users’ needs. However, each end-user only requires a small set of the features to perform
required tasks, rendering the software bloated. The bloated code not only hinders optimal execution, but also leads to a larger attack surface. Code debloating technique, which aims
to remove the unneeded features’ code, has been proposed to reduce the bloated software’s attack surface. However, there is a fundamental gap between the features needed by a user and the implementation, so it is challenging to identify the code that only supports the needed features
Previous works ask end-users to provide a set of sample inputs to demonstrate how they will use the software and generate a debloated version of the software that only contains the code triggered from running the sample inputs. Unfortunately, software debloated by this approach only supports running given inputs, presenting an unusable notion of debloating: if the debloated software only needs to support a fixed set of inputs, the debloating process
is as simple as synthesizing a map from the input to the observed output. We call this Over-debloating Problem. This dissertation focuses on removing software’s unneeded code while providing high robustness for debloated software to run more inputs sharing the same functionalities with the given inputs, with approaches either using heuristics, feature-code
map, or code partitioning. Our evaluation shows that our systems can debloat large-scale and complex software (I.e., Chromium) by removing 25% ~ 70% code and run the debloated software without affecting the original functionality.Ph.D
Automatic Specialization of Third-Party Java Dependencies
Modern software systems rely on a multitude of third-party dependencies. This
large-scale code reuse reduces development costs and time, and it poses new
challenges with respect to maintenance and security. Techniques such as tree
shaking or shading can remove dependencies that are completely unused by a
project, which partly address these challenges. Yet, the remaining dependencies
are likely to be used only partially, leaving room for further reduction of
third-party code. In this paper, we propose a novel technique to specialize
dependencies of Java projects, based on their actual usage. For each
dependency, we systematically identify the subset of its functionalities that
is necessary to build the project, and remove the rest. Each specialized
dependency is repackaged. Then, we generate specialized dependency trees where
the original dependencies are replaced by the specialized versions and we
rebuild the project. We implement our technique in a tool called DepTrim, which
we evaluate with 30 notable open-source Java projects. DepTrim specializes a
total of 343 (86.6%) dependencies across these projects, and successfully
rebuilds each project with a specialized dependency tree. Moreover, through
this specialization, DepTrim removes a total of 60,962 (47.0%) classes from the
dependencies, reducing the ratio of dependency classes to project classes from
8.7x in the original projects to 4.4x after specialization. These results
indicate the relevance of dependency specialization to significantly reduce the
share of third-party code in Java projects.Comment: 17 pages, 2 figures, 4 tables, 1 algorithm, 2 code listings, 3
equation