sesa 19(20): e4

Research Article

AMASS: Automated Software Mass Customization via Feature Identification and Tailoring

Download61 downloads
  • @ARTICLE{10.4108/eai.13-7-2018.162291,
        author={Hongfa Xue and Yurong Chen and Guru Venkataramani and Tian Lan},
        title={AMASS: Automated Software Mass Customization via Feature Identification and Tailoring},
        journal={EAI Endorsed Transactions on Security and Safety},
        volume={6},
        number={20},
        publisher={EAI},
        journal_a={SESA},
        year={2019},
        month={4},
        keywords={Program customization, Deep learning, Binary analysis},
        doi={10.4108/eai.13-7-2018.162291}
    }
    
  • Hongfa Xue
    Yurong Chen
    Guru Venkataramani
    Tian Lan
    Year: 2019
    AMASS: Automated Software Mass Customization via Feature Identification and Tailoring
    SESA
    EAI
    DOI: 10.4108/eai.13-7-2018.162291
Hongfa Xue1,*, Yurong Chen1, Guru Venkataramani1, Tian Lan1
  • 1: The George Washington University, 800 22nd Street NW, Washington, DC, 20056, USA
*Contact email: hongfaxue@gwu.edu

Abstract

The rapid inflation of software features brings inefficiency and vulnerabilities into programs, resulting in an increased attack surface with a higher possibility of exploitation. In this paper, we propose a novel framework for automated software mass customization (AMASS), which automatically identifies program features from binaries, tailors and eliminates the features to create customized program binaries in accordance with user needs, in a fully unsupervised fashion. It enables us to modularize program features and efficiently create customized program binaries at large scale. Evaluation using real-world executables including OpenSSL and LibreOffice demonstrates that AMASS can create a wide range of customized binaries for diverse feature requirements, with an average 92.76% accuracy for feature/function identification and up to 67% reduction of program attack surface.