Research Article
AMASS: Automated Software Mass Customization via Feature Identification and Tailoring
@ARTICLE{10.4108/eai.13-7-2018.162291, author={Hongfa Xue and Yurong Chen and Guru Venkataramani and Tian Lan}, title={AMASS: Automated Software Mass Customization via Feature Identification and Tailoring}, journal={EAI Endorsed Transactions on Security and Safety}, volume={6}, number={20}, publisher={EAI}, journal_a={SESA}, year={2019}, month={4}, keywords={Program customization, Deep learning, Binary analysis}, doi={10.4108/eai.13-7-2018.162291} }- Hongfa Xue
Yurong Chen
Guru Venkataramani
Tian Lan
Year: 2019
AMASS: Automated Software Mass Customization via Feature Identification and Tailoring
SESA
EAI
DOI: 10.4108/eai.13-7-2018.162291
Abstract
The rapid inflation of software features brings inefficiency and vulnerabilities into programs, resulting in an increased attack surface with a higher possibility of exploitation. In this paper, we propose a novel framework for automated software mass customization (AMASS), which automatically identifies program features from binaries, tailors and eliminates the features to create customized program binaries in accordance with user needs, in a fully unsupervised fashion. It enables us to modularize program features and efficiently create customized program binaries at large scale. Evaluation using real-world executables including OpenSSL and LibreOffice demonstrates that AMASS can create a wide range of customized binaries for diverse feature requirements, with an average 92.76% accuracy for feature/function identification and up to 67% reduction of program attack surface.
Copyright © 2019 Hongfa Xue et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.
