Full Program
Summary:
Software applications typically use libraries for the implementation of commonly used tasks. Each library encompasses an extensive collection of functionalities that cover a specific task area, such as interfacing with a database. However, while applications typically use a small subset of these functionalities, the unused ones are also bundled into the final distribution, due to the fact that the libraries are loaded and linked as indivisible objects. The presence of unused functionalities in the executable program increases its attack surface, since attackers may invoke code in these functionalities or exploit their vulnerabilities, using techniques such as stack smashing or buffer overflow. In this paper, we present MiniLib, an approach that removes from the final executable any unused functionalities that may be present in the libraries, reducing attack surface and thus enhancing security. The efficiency of MiniLib is validated through its application on applications drawn from the O-RAN 6G framework.Author(s):
Loukas Kopanias
University of the Peloponnese
Greece
Panagiotis Sotiropoulos
University of the Peloponnese
Greece
Nicholas Kolokotronis
University of the Peloponnese
Greece
Costas Vassilakis
University of the Peloponnese
Greece