Coverage-Based Debloating for Java Bytecode
[article]
2021
arXiv
pre-print
The presence of software bloat is an issue for security, for performance, and for maintenance. ...
Software bloat is code that is packaged in an application but is actually not necessary to run the application. ...
Less is More: Quantifying the Security Benefits of Debloating Web Applications. In Proceedings of the 28th USENIX Conference on Security Symposium (Santa Clara, CA, USA) (SEC’19). ...
arXiv:2008.08401v3
fatcat:y6ochdozq5cwnktvx7milqqywq
An Empirical Study of Usages, Updates and Risks of Third-Party Libraries in Java Projects
[article]
2020
arXiv
pre-print
This analysis aims to quantify the potential risk of using outdated libraries and the developer response to the risk. ...
However, outdated third-party libraries are commonly used, and developers are usually less aware of the potential risks. ...
In that sense, it is worthwhile for researchers deeply investigating the benefits and costs of snapshot versions to shed light on the management of snapshot versions. ...
arXiv:2002.11028v1
fatcat:nbt7ywyi6faaximrjbcq3wysly
A Linux in unikernel clothing
2020
Proceedings of the Fifteenth European Conference on Computer Systems
However, those that aimed at generality fall short of the application compatibility, robustness and, more importantly, community that is available for Linux. ...
At the same time, Lupine can run any application (since it is Linux) when faced with more general workloads, whereas many unikernels simply crash. ...
This work is also supported in part by the Office of Naval Research (ONR) grant N00014-17-S-B010. Any opinions, findings, and conclusions made in this material are those of the authors and do not ...
doi:10.1145/3342195.3387526
dblp:conf/eurosys/KuoWKM20
fatcat:f4udmcbbvbempc6xen3lptcika
A comprehensive study of bloated dependencies in the Maven ecosystem
2021
Empirical Software Engineering
In other words, it is feasible to reduce the number of dependencies of Maven artifacts to 1/4 of its current count. ...
Our key result is as follows: 2.7% of the dependencies directly declared are bloated, 15.4% of the inherited dependencies are bloated, and 57% of the transitive dependencies of the studied artifacts are ...
If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly ...
doi:10.1007/s10664-020-09914-8
fatcat:e2gcg7ftuja7pa74fbasyzwlmm
A Comprehensive Study of Bloated Dependencies in the Maven Ecosystem
[article]
2020
arXiv
pre-print
In other words, it is feasible to reduce the number of dependencies of Maven artifacts up to 1/4 of its current count. We also perform a qualitative study with 30 notable open-source projects. ...
Bloated dependencies are libraries that the build tool packages with the application's compiled code but that are actually not necessary to build and run the application. ...
(e.g., web applications) or it is deployed on small devices (e.g., embedded systems). ...
arXiv:2001.07808v1
fatcat:kxmgpell5fbrjjb53pporoogcy
Cimplifier: automatically debloating containers
2017
Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering - ESEC/FSE 2017
They also decrease the overall security, as each included component, necessary or not, may bring in security issues of its own, and there is no isolation between multiple applications packaged within the ...
Unfortunately, the ease with which containers can be created is oftentimes a double-edged sword, encouraging the packaging of logically distinct applications, and the inclusion of significant amount of ...
We present some examples to demonstrate the security benefits of using Cimplifier. ...
doi:10.1145/3106237.3106271
dblp:conf/sigsoft/RastogiDCJM17
fatcat:ibacjohe6nehffi5wcqbouf4da
MultiK: A Framework for Orchestrating Multiple Specialized Kernels
[article]
2019
arXiv
pre-print
The whole process is transparent to the user applications because MultiK does not require a recompilation of the application. ...
MultiK is a framework that can integrate with existing code reduction and OS security techniques. ...
MULTIK does not address and limit how the list of system calls is generated. Benefits. An immediate benefit of removing large portions of unused kernel code is the resulting attack surface reduction. ...
arXiv:1903.06889v1
fatcat:tzgfb4emffdlpdcejacmzhra2m
WilliamsKing_columbia_0054D_16397.pdf
[article]
2021
Simply put, an egalitarian analysis or security mechanism is one that can operate on itself (and is usually more deployable as a result). ...
Egalito has been tested by collaborators across tens of thousands of Debian programs and libraries. We coined this term egalitarian in the context of binary security. ...
Nibbler, and debloating generally, improves security of software indirectly, by benefiting defenses. ...
doi:10.7916/d8-pj40-5g79
fatcat:a3qsn42twreyfdcn37fb2sxtiq
Towards Optimal Buffer Size in Wi-Fi Networks
2016
Falling memory cost and the fallacy that 'more is better' lead to over provisioning network devices with large buffers. ...
However, there is little work addressing the unique challenges of wireless environment. ...
Right sizing the network buffers per our proposed mechanism reduces the VoIP delays by more than a factor of 5, at a cost of less than 3% loss in goodput for the TCP streams. ...
doi:10.25781/kaust-l9dy8
fatcat:vgwbg4wgfzcwtovg3su6mtoipy