Coverage-Based Debloating for Java Bytecode [article]

César Soto-Valero, Thomas Durieux, Nicolas Harrand, Benoit Baudry
2021 arXiv   pre-print
The presence of software bloat is an issue for security, for performance, and for maintenance.  ...  Software bloat is code that is packaged in an application but is actually not necessary to run the application.  ...  Less is More: Quantifying the Security Benefits of Debloating Web Applications. In Proceedings of the 28th USENIX Conference on Security Symposium (Santa Clara, CA, USA) (SEC’19).  ... 
arXiv:2008.08401v3 fatcat:y6ochdozq5cwnktvx7milqqywq

An Empirical Study of Usages, Updates and Risks of Third-Party Libraries in Java Projects [article]

Ying Wang, Bihuan Chen, Kaifeng Huang, Bowen Shi, Congying Xu, Xin Peng, Yang Liu, Yijian Wu
2020 arXiv   pre-print
This analysis aims to quantify the potential risk of using outdated libraries and the developer response to the risk.  ...  However, outdated third-party libraries are commonly used, and developers are usually less aware of the potential risks.  ...  In that sense, it is worthwhile for researchers deeply investigating the benefits and costs of snapshot versions to shed light on the management of snapshot versions.  ... 
arXiv:2002.11028v1 fatcat:nbt7ywyi6faaximrjbcq3wysly

A Linux in unikernel clothing

Hsuan-Chi Kuo, Dan Williams, Ricardo Koller, Sibin Mohan
2020 Proceedings of the Fifteenth European Conference on Computer Systems  
However, those that aimed at generality fall short of the application compatibility, robustness and, more importantly, community that is available for Linux.  ...  At the same time, Lupine can run any application (since it is Linux) when faced with more general workloads, whereas many unikernels simply crash.  ...  This work is also supported in part by the Office of Naval Research (ONR) grant N00014-17-S-B010. Any opinions, findings, and conclusions made in this material are those of the authors and do not  ... 
doi:10.1145/3342195.3387526 dblp:conf/eurosys/KuoWKM20 fatcat:f4udmcbbvbempc6xen3lptcika

A comprehensive study of bloated dependencies in the Maven ecosystem

César Soto-Valero, Nicolas Harrand, Martin Monperrus, Benoit Baudry
2021 Empirical Software Engineering  
In other words, it is feasible to reduce the number of dependencies of Maven artifacts to 1/4 of its current count.  ...  Our key result is as follows: 2.7% of the dependencies directly declared are bloated, 15.4% of the inherited dependencies are bloated, and 57% of the transitive dependencies of the studied artifacts are  ... 
doi:10.1007/s10664-020-09914-8 fatcat:e2gcg7ftuja7pa74fbasyzwlmm

A Comprehensive Study of Bloated Dependencies in the Maven Ecosystem [article]

César Soto-Valero, Nicolas Harrand, Martin Monperrus, Benoit Baudry
2020 arXiv   pre-print
In other words, it is feasible to reduce the number of dependencies of Maven artifacts up to 1/4 of its current count. We also perform a qualitative study with 30 notable open-source projects.  ...  Bloated dependencies are libraries that the build tool packages with the application's compiled code but that are actually not necessary to build and run the application.  ...  (e.g., web applications) or it is deployed on small devices (e.g., embedded systems).  ... 
arXiv:2001.07808v1 fatcat:kxmgpell5fbrjjb53pporoogcy

Cimplifier: automatically debloating containers

Vaibhav Rastogi, Drew Davidson, Lorenzo De Carli, Somesh Jha, Patrick McDaniel
2017 Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering - ESEC/FSE 2017  
They also decrease the overall security, as each included component - necessary or not - may bring in security issues of its own, and there is no isolation between multiple applications packaged within the  ...  Unfortunately, the ease with which containers can be created is oftentimes a double-edged sword, encouraging the packaging of logically distinct applications, and the inclusion of significant amount of  ...  We present some examples to demonstrate the security benefits of using Cimplifier.  ... 
doi:10.1145/3106237.3106271 dblp:conf/sigsoft/RastogiDCJM17 fatcat:ibacjohe6nehffi5wcqbouf4da

MultiK: A Framework for Orchestrating Multiple Specialized Kernels [article]

Hsuan-Chi Kuo, Akshith Gunasekaran, Yeongjin Jang, Sibin Mohan, Rakesh B. Bobba, David Lie, Jesse Walker
2019 arXiv   pre-print
The whole process is transparent to the user applications because MultiK does not require a recompilation of the application.  ...  MultiK is a framework that can integrate with existing code reduction and OS security techniques.  ...  MULTIK does not address and limit how the list of system calls is generated. Benefits. An immediate benefit of removing large portions of unused kernel code is the resulting attack surface reduction.  ... 
arXiv:1903.06889v1 fatcat:tzgfb4emffdlpdcejacmzhra2m

WilliamsKing_columbia_0054D_16397.pdf [article]

Simply put, an egalitarian analysis or security mechanism is one that can operate on itself (and is usually more deployable as a result).  ...  Egalito has been tested by collaborators across tens of thousands of Debian programs and libraries. We coined this term egalitarian in the context of binary security.  ...  Nibbler, and debloating generally, improves security of software indirectly, by benefiting defenses.  ... 
doi:10.7916/d8-pj40-5g79 fatcat:a3qsn42twreyfdcn37fb2sxtiq

Towards Optimal Buffer Size in Wi-Fi Networks

Ahmad Showail
Falling memory cost and the fallacy that 'more is better' lead to over provisioning network devices with large buffers.  ...  However, there is little work addressing the unique challenges of wireless environment.  ...  Right sizing the network buffers per our proposed mechanism reduces the VoIP delays by more than a factor of 5, at a cost of less than 3% loss in goodput for the TCP streams.  ... 
doi:10.25781/kaust-l9dy8 fatcat:vgwbg4wgfzcwtovg3su6mtoipy