D-Linker: Debloating Shared Libraries by Relinking From Object Files

D-Linker: Debloating Shared Libraries by Relinking From Object Files

Shared libraries are widely used in software development to execute third-party functions. However, the size and complexity of shared libraries tend to increase with the need to support more features, resulting in bloated shared libraries. This leads to resource waste and security issues as a signif...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on computer-aided design of integrated circuits and systems 2024-11, Vol.43 (11), p.3768-3779
Hauptverfasser: He, Jiatai, Hou, Pengpeng, Yu, Jiageng, Qi, Ji, Sun, Ying, Li, Lijuan, Zhao, Ruilin, Wu, Yanjun
Format: Artikel
Sprache:eng
Schlagworte:
Binary debloating
Codes
embedded system
Embedded systems
Ground penetrating radar
Integrated circuits
Libraries
Object recognition
Runtime
Security
shared library
Software development management
Source coding
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 3779
container_issue 11
container_start_page 3768
container_title IEEE transactions on computer-aided design of integrated circuits and systems
container_volume 43
creator He, Jiatai
Hou, Pengpeng
Yu, Jiageng
Qi, Ji
Sun, Ying
Li, Lijuan
Zhao, Ruilin
Wu, Yanjun
description Shared libraries are widely used in software development to execute third-party functions. However, the size and complexity of shared libraries tend to increase with the need to support more features, resulting in bloated shared libraries. This leads to resource waste and security issues as a significant amount of generic functionality is included unnecessarily in most scenarios, especially in embedded systems. To address this issue, previous works attempt to debloat shared libraries through binary rewriting or recompilation. However, these works face a tradeoff between flexibility in usage (needs recompilation and runtime support) and the effectiveness of debloating (binary rewriting achieves insufficient file size reduction). We propose D-Linker, a tool that debloats shared libraries by reducing both code and data sections in link-time at the object level without recompilation. Our key insight is that object-level shared library debloating is especially suitable for embedded systems because it strikes a balance of flexibility and efficiency. D-Linker identifies the required ELF object files of the shared libraries in an application and relinks them to produce a debloated shared library with better-debloating effectiveness by avoiding the data reference analysis. Our approach achieves over 70% of gadgets reduction as a security benefit and an average size reduction of 49.6% for a stripped libc of coreutils. The results also indicate that D-Linker improves debloating effectiveness by approximately 30% compared to binary-level shared library debloating and incurs a 5% decrease in code gadgets reduction compared to source-code-level shared library debloating.
doi_str_mv 10.1109/TCAD.2024.3446712
format Article
fullrecord <record><control><sourceid>crossref_RIE</sourceid><recordid>TN_cdi_crossref_primary_10_1109_TCAD_2024_3446712</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10745870</ieee_id><sourcerecordid>10_1109_TCAD_2024_3446712</sourcerecordid><originalsourceid>FETCH-LOGICAL-c148t-1cf29a2593b3ef1aab2f54a53f0ee5098a8f332a85f9cb0228455d50ff08e67e3</originalsourceid><addsrcrecordid>eNpNkL1OwzAUhS0EEqHwAEgMfoGE67_aZqsaCkiRKkGZIzu9Bpe0QXaXvj2N2oHpDOd8Z_gIuWdQMQb2cTWf1RUHLish5VQzfkEKZoUuJVPskhTAtSkBNFyTm5w3AEwqbgtS12UTdz-YnmiNvh_cPu6-6Me3S7imTfTJpYiZ-gN9x_44HNtFGrZ06TfY7eki9phvyVVwfca7c07I5-J5NX8tm-XL23zWlB2TZl-yLnDruLLCCwzMOc-Dkk6JAIgKrHEmCMGdUcF2Hjg3Uqm1ghDA4FSjmBB2-u3SkHPC0P6muHXp0DJoRw3tqKEdNbRnDUfm4cRERPy311IZDeIPVdJYVg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>D-Linker: Debloating Shared Libraries by Relinking From Object Files</title><source>IEEE Electronic Library (IEL)</source><creator>He, Jiatai ; Hou, Pengpeng ; Yu, Jiageng ; Qi, Ji ; Sun, Ying ; Li, Lijuan ; Zhao, Ruilin ; Wu, Yanjun</creator><creatorcontrib>He, Jiatai ; Hou, Pengpeng ; Yu, Jiageng ; Qi, Ji ; Sun, Ying ; Li, Lijuan ; Zhao, Ruilin ; Wu, Yanjun</creatorcontrib><description>Shared libraries are widely used in software development to execute third-party functions. However, the size and complexity of shared libraries tend to increase with the need to support more features, resulting in bloated shared libraries. This leads to resource waste and security issues as a significant amount of generic functionality is included unnecessarily in most scenarios, especially in embedded systems. To address this issue, previous works attempt to debloat shared libraries through binary rewriting or recompilation. However, these works face a tradeoff between flexibility in usage (needs recompilation and runtime support) and the effectiveness of debloating (binary rewriting achieves insufficient file size reduction). We propose D-Linker, a tool that debloats shared libraries by reducing both code and data sections in link-time at the object level without recompilation. Our key insight is that object-level shared library debloating is especially suitable for embedded systems because it strikes a balance of flexibility and efficiency. D-Linker identifies the required ELF object files of the shared libraries in an application and relinks them to produce a debloated shared library with better-debloating effectiveness by avoiding the data reference analysis. Our approach achieves over 70% of gadgets reduction as a security benefit and an average size reduction of 49.6% for a stripped libc of coreutils. The results also indicate that D-Linker improves debloating effectiveness by approximately 30% compared to binary-level shared library debloating and incurs a 5% decrease in code gadgets reduction compared to source-code-level shared library debloating.</description><identifier>ISSN: 0278-0070</identifier><identifier>EISSN: 1937-4151</identifier><identifier>DOI: 10.1109/TCAD.2024.3446712</identifier><identifier>CODEN: ITCSDI</identifier><language>eng</language><publisher>IEEE</publisher><subject>Binary debloating ; Codes ; embedded system ; Embedded systems ; Ground penetrating radar ; Integrated circuits ; Libraries ; Object recognition ; Runtime ; Security ; shared library ; Software development management ; Source coding</subject><ispartof>IEEE transactions on computer-aided design of integrated circuits and systems, 2024-11, Vol.43 (11), p.3768-3779</ispartof><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c148t-1cf29a2593b3ef1aab2f54a53f0ee5098a8f332a85f9cb0228455d50ff08e67e3</cites><orcidid>0000-0002-8548-116X ; 0000-0002-6480-2497 ; 0009-0005-2701-2989 ; 0009-0008-5570-719X ; 0000-0003-1313-9530 ; 0000-0002-1823-0459</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10745870$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,776,780,792,27903,27904,54735</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10745870$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>He, Jiatai</creatorcontrib><creatorcontrib>Hou, Pengpeng</creatorcontrib><creatorcontrib>Yu, Jiageng</creatorcontrib><creatorcontrib>Qi, Ji</creatorcontrib><creatorcontrib>Sun, Ying</creatorcontrib><creatorcontrib>Li, Lijuan</creatorcontrib><creatorcontrib>Zhao, Ruilin</creatorcontrib><creatorcontrib>Wu, Yanjun</creatorcontrib><title>D-Linker: Debloating Shared Libraries by Relinking From Object Files</title><title>IEEE transactions on computer-aided design of integrated circuits and systems</title><addtitle>TCAD</addtitle><description>Shared libraries are widely used in software development to execute third-party functions. However, the size and complexity of shared libraries tend to increase with the need to support more features, resulting in bloated shared libraries. This leads to resource waste and security issues as a significant amount of generic functionality is included unnecessarily in most scenarios, especially in embedded systems. To address this issue, previous works attempt to debloat shared libraries through binary rewriting or recompilation. However, these works face a tradeoff between flexibility in usage (needs recompilation and runtime support) and the effectiveness of debloating (binary rewriting achieves insufficient file size reduction). We propose D-Linker, a tool that debloats shared libraries by reducing both code and data sections in link-time at the object level without recompilation. Our key insight is that object-level shared library debloating is especially suitable for embedded systems because it strikes a balance of flexibility and efficiency. D-Linker identifies the required ELF object files of the shared libraries in an application and relinks them to produce a debloated shared library with better-debloating effectiveness by avoiding the data reference analysis. Our approach achieves over 70% of gadgets reduction as a security benefit and an average size reduction of 49.6% for a stripped libc of coreutils. The results also indicate that D-Linker improves debloating effectiveness by approximately 30% compared to binary-level shared library debloating and incurs a 5% decrease in code gadgets reduction compared to source-code-level shared library debloating.</description><subject>Binary debloating</subject><subject>Codes</subject><subject>embedded system</subject><subject>Embedded systems</subject><subject>Ground penetrating radar</subject><subject>Integrated circuits</subject><subject>Libraries</subject><subject>Object recognition</subject><subject>Runtime</subject><subject>Security</subject><subject>shared library</subject><subject>Software development management</subject><subject>Source coding</subject><issn>0278-0070</issn><issn>1937-4151</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNpNkL1OwzAUhS0EEqHwAEgMfoGE67_aZqsaCkiRKkGZIzu9Bpe0QXaXvj2N2oHpDOd8Z_gIuWdQMQb2cTWf1RUHLish5VQzfkEKZoUuJVPskhTAtSkBNFyTm5w3AEwqbgtS12UTdz-YnmiNvh_cPu6-6Me3S7imTfTJpYiZ-gN9x_44HNtFGrZ06TfY7eki9phvyVVwfca7c07I5-J5NX8tm-XL23zWlB2TZl-yLnDruLLCCwzMOc-Dkk6JAIgKrHEmCMGdUcF2Hjg3Uqm1ghDA4FSjmBB2-u3SkHPC0P6muHXp0DJoRw3tqKEdNbRnDUfm4cRERPy311IZDeIPVdJYVg</recordid><startdate>202411</startdate><enddate>202411</enddate><creator>He, Jiatai</creator><creator>Hou, Pengpeng</creator><creator>Yu, Jiageng</creator><creator>Qi, Ji</creator><creator>Sun, Ying</creator><creator>Li, Lijuan</creator><creator>Zhao, Ruilin</creator><creator>Wu, Yanjun</creator><general>IEEE</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0000-0002-8548-116X</orcidid><orcidid>https://orcid.org/0000-0002-6480-2497</orcidid><orcidid>https://orcid.org/0009-0005-2701-2989</orcidid><orcidid>https://orcid.org/0009-0008-5570-719X</orcidid><orcidid>https://orcid.org/0000-0003-1313-9530</orcidid><orcidid>https://orcid.org/0000-0002-1823-0459</orcidid></search><sort><creationdate>202411</creationdate><title>D-Linker: Debloating Shared Libraries by Relinking From Object Files</title><author>He, Jiatai ; Hou, Pengpeng ; Yu, Jiageng ; Qi, Ji ; Sun, Ying ; Li, Lijuan ; Zhao, Ruilin ; Wu, Yanjun</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c148t-1cf29a2593b3ef1aab2f54a53f0ee5098a8f332a85f9cb0228455d50ff08e67e3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Binary debloating</topic><topic>Codes</topic><topic>embedded system</topic><topic>Embedded systems</topic><topic>Ground penetrating radar</topic><topic>Integrated circuits</topic><topic>Libraries</topic><topic>Object recognition</topic><topic>Runtime</topic><topic>Security</topic><topic>shared library</topic><topic>Software development management</topic><topic>Source coding</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>He, Jiatai</creatorcontrib><creatorcontrib>Hou, Pengpeng</creatorcontrib><creatorcontrib>Yu, Jiageng</creatorcontrib><creatorcontrib>Qi, Ji</creatorcontrib><creatorcontrib>Sun, Ying</creatorcontrib><creatorcontrib>Li, Lijuan</creatorcontrib><creatorcontrib>Zhao, Ruilin</creatorcontrib><creatorcontrib>Wu, Yanjun</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><jtitle>IEEE transactions on computer-aided design of integrated circuits and systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>He, Jiatai</au><au>Hou, Pengpeng</au><au>Yu, Jiageng</au><au>Qi, Ji</au><au>Sun, Ying</au><au>Li, Lijuan</au><au>Zhao, Ruilin</au><au>Wu, Yanjun</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>D-Linker: Debloating Shared Libraries by Relinking From Object Files</atitle><jtitle>IEEE transactions on computer-aided design of integrated circuits and systems</jtitle><stitle>TCAD</stitle><date>2024-11</date><risdate>2024</risdate><volume>43</volume><issue>11</issue><spage>3768</spage><epage>3779</epage><pages>3768-3779</pages><issn>0278-0070</issn><eissn>1937-4151</eissn><coden>ITCSDI</coden><abstract>Shared libraries are widely used in software development to execute third-party functions. However, the size and complexity of shared libraries tend to increase with the need to support more features, resulting in bloated shared libraries. This leads to resource waste and security issues as a significant amount of generic functionality is included unnecessarily in most scenarios, especially in embedded systems. To address this issue, previous works attempt to debloat shared libraries through binary rewriting or recompilation. However, these works face a tradeoff between flexibility in usage (needs recompilation and runtime support) and the effectiveness of debloating (binary rewriting achieves insufficient file size reduction). We propose D-Linker, a tool that debloats shared libraries by reducing both code and data sections in link-time at the object level without recompilation. Our key insight is that object-level shared library debloating is especially suitable for embedded systems because it strikes a balance of flexibility and efficiency. D-Linker identifies the required ELF object files of the shared libraries in an application and relinks them to produce a debloated shared library with better-debloating effectiveness by avoiding the data reference analysis. Our approach achieves over 70% of gadgets reduction as a security benefit and an average size reduction of 49.6% for a stripped libc of coreutils. The results also indicate that D-Linker improves debloating effectiveness by approximately 30% compared to binary-level shared library debloating and incurs a 5% decrease in code gadgets reduction compared to source-code-level shared library debloating.</abstract><pub>IEEE</pub><doi>10.1109/TCAD.2024.3446712</doi><tpages>12</tpages><orcidid>https://orcid.org/0000-0002-8548-116X</orcidid><orcidid>https://orcid.org/0000-0002-6480-2497</orcidid><orcidid>https://orcid.org/0009-0005-2701-2989</orcidid><orcidid>https://orcid.org/0009-0008-5570-719X</orcidid><orcidid>https://orcid.org/0000-0003-1313-9530</orcidid><orcidid>https://orcid.org/0000-0002-1823-0459</orcidid></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 0278-0070
ispartof IEEE transactions on computer-aided design of integrated circuits and systems, 2024-11, Vol.43 (11), p.3768-3779
issn 0278-0070
1937-4151
language eng
recordid cdi_crossref_primary_10_1109_TCAD_2024_3446712
source IEEE Electronic Library (IEL)
subjects Binary debloating
Codes
embedded system
Embedded systems
Ground penetrating radar
Integrated circuits
Libraries
Object recognition
Runtime
Security
shared library
Software development management
Source coding
title D-Linker: Debloating Shared Libraries by Relinking From Object Files
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-28T09%3A39%3A14IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-crossref_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=D-Linker:%20Debloating%20Shared%20Libraries%20by%20Relinking%20From%20Object%20Files&rft.jtitle=IEEE%20transactions%20on%20computer-aided%20design%20of%20integrated%20circuits%20and%20systems&rft.au=He,%20Jiatai&rft.date=2024-11&rft.volume=43&rft.issue=11&rft.spage=3768&rft.epage=3779&rft.pages=3768-3779&rft.issn=0278-0070&rft.eissn=1937-4151&rft.coden=ITCSDI&rft_id=info:doi/10.1109/TCAD.2024.3446712&rft_dat=%3Ccrossref_RIE%3E10_1109_TCAD_2024_3446712%3C/crossref_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=10745870&rfr_iscdi=true