Litcius/Paper detail

C2C

Seyedhamed Ghavamnia, Tapti Palit, Michalis Polychronakis

2022Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security22 citationsDOI

Abstract

Configuration options allow users to customize application features according to the desired requirements. While the code that corresponds to disabled features is never executed, it still resides in process memory and comprises part of the application's attack surface, e.g., it can be reused for the construction of exploit code. Automatically reducing the attack surface of disabled application features according to a given configuration is thus a desirable defense-in-depth capability. The intricacies of modern software design and the complexities of popular programming languages, however, introduce significant challenges in automatically deriving the mapping of configuration options to their corresponding application code.

Topics & Concepts

Computer scienceExploitAttack surfaceCode (set theory)Process (computing)Programming languageSoftwareSoftware engineeringOperating systemComputer securitySet (abstract data type)Security and Verification in ComputingAdvanced Malware Detection TechniquesNetwork Security and Intrusion Detection