The frequently used functionalities usually constitute a small portion of applications' functionalities. The redundant code for rarely used functionalities raises the attack surface of the applications, thus causing the potential risk of code reuse attacks. Binary program debloating can identify and remove the redundant code based on the binary analysis of the application, so as to reduce the attack surface. The state-of-the-art binary program debloating approach relies on artificially crafted inputs to derive the initial control flows. It uses heuristics to extend the binary control-flow graph for debloating. Such an approach has limited robustness and scalability. This paper proposes and implements a robust binary program debloating approach (RBdeb). It uses black-box fuzzing to derive highly-robust valid execution traces of the binary, and categorizes similar library functions automatically based on the graph isomorphism algorithm. The proposed path discovery algorithm extends the binary control flows with the classified library function calls from the control-flow sub-graph of the initial execution traces and generates the robust binary file as the debloating result. Experimental results demonstrate that RBdeb has higher path coverage and debloated binary robustness than the state-of-the-art approaches. The path discovery algorithm and library function categorization are more scalable. RBdeb can effectively debloat large real-world applications.
Program debloating; Binary analysis; Fuzzing; Binary rewriting; Program analysis