乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,13]],"date-time":"2024-09-13T15:51:35Z","timestamp":1726242695389},"publisher-location":"Cham","reference-count":53,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031514814"},{"type":"electronic","value":"9783031514821"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-51482-1_12","type":"book-chapter","created":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T06:02:47Z","timestamp":1704866567000},"page":"229-249","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["SoK: A Tale of\u00a0Reduction, Security, and\u00a0Correctness - Evaluating Program Debloating Paradigms and\u00a0Their Compositions"],"prefix":"10.1007","author":[{"given":"Muaz","family":"Ali","sequence":"first","affiliation":[]},{"given":"Muhammad","family":"Muzammil","sequence":"additional","affiliation":[]},{"given":"Faraz","family":"Karim","sequence":"additional","affiliation":[]},{"given":"Ayesha","family":"Naeem","sequence":"additional","affiliation":[]},{"given":"Rukhshan","family":"Haroon","sequence":"additional","affiliation":[]},{"given":"Muhammad","family":"Haris","sequence":"additional","affiliation":[]},{"given":"Huzaifah","family":"Nadeem","sequence":"additional","affiliation":[]},{"given":"Waseem","family":"Sabir","sequence":"additional","affiliation":[]},{"given":"Fahad","family":"Shaon","sequence":"additional","affiliation":[]},{"given":"Fareed","family":"Zaffar","sequence":"additional","affiliation":[]},{"given":"Vinod","family":"Yegneswaran","sequence":"additional","affiliation":[]},{"given":"Ashish","family":"Gehani","sequence":"additional","affiliation":[]},{"given":"Sazzadur","family":"Rahaman","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,1,11]]},"reference":[{"key":"12_CR1","unstructured":"Busy box. https:\/\/busybox.net\/"},{"key":"12_CR2","unstructured":"Depclean. https:\/\/github.com\/castor-software\/depclean"},{"key":"12_CR3","unstructured":"Ropgadget tool. https:\/\/github.com\/JonathanSalwan\/ROPgadget"},{"key":"12_CR4","unstructured":"Abubakar, M., Ahmad, A., Fonseca, P., Xu, D.: Shard: fine-grained kernel specialization with context-aware hardening. In: 28th USENIX Security Symposium (2019)"},{"key":"12_CR5","doi-asserted-by":"crossref","unstructured":"Agadakos, I., Jin, D., Williams-King, D., Kemerlis, V.P., Portokalidis, G.: Nibbler: debloating binary shared libraries. In: ACSAC, pp. 70\u201383 (2019)","DOI":"10.1145\/3359789.3359823"},{"key":"12_CR6","doi-asserted-by":"crossref","unstructured":"Ahmad, A., Anwar, M., Sharif, H., Gehani, A., Zaffar, F.: Trimmer: context-specific code reduction. In: 37th IEEE\/ACM Conference on Automated Software Engineering (ASE) (2022)","DOI":"10.1145\/3551349.3559529"},{"key":"12_CR7","doi-asserted-by":"crossref","unstructured":"Ahmad, A., et al.: Trimmer: an automated system for configuration-based software debloating. IEEE Trans. Softw. Eng. (TSE) 48(9) (2022)","DOI":"10.1109\/TSE.2021.3095716"},{"key":"12_CR8","doi-asserted-by":"crossref","unstructured":"Alhanahnah, M., Jain, R., Rastogi, V., Jha, S., Reps, T.: Lightweight, multi-stage, compiler-assisted application specialization. In: 7th European Symposium on Security and Privacy. IEEE (2022)","DOI":"10.1109\/EuroSP53844.2022.00024"},{"key":"12_CR9","unstructured":"Azad, B.A., Laperdrix, P., Nikiforakis, N.: Less is more: quantifying the security benefits of debloating web applications. In: 28th USENIX Security Symposium (2019)"},{"issue":"2","key":"12_CR10","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1145\/1646353.1646374","volume":"53","author":"A Bessey","year":"2010","unstructured":"Bessey, A., et al.: A few billion lines of code later: using static analysis to find bugs in the real world. Commun. ACM 53(2), 66\u201375 (2010)","journal-title":"Commun. ACM"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Bhattacharya, S., Rajamani, K., Gopinath, K., Gupta, M.: The interplay of software bloat, hardware energy proportionality and system bottlenecks. In: HotPower\u201911, pp. 1\u20135 (2011)","DOI":"10.1145\/2039252.2039253"},{"key":"12_CR12","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-319-99828-2_21","volume-title":"ICT Systems Security and Privacy Protection","author":"B Bierbaumer","year":"2018","unstructured":"Bierbaumer, B., Kirsch, J., Kittel, T., Francillon, A., Zarras, A.: Smashing the stack protector for fun and profit. In: Janczewski, L.J., Kuty\u0142owski, M. (eds.) SEC 2018. IAICT, vol. 529, pp. 293\u2013306. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-99828-2_21"},{"key":"12_CR13","doi-asserted-by":"crossref","unstructured":"Biswas, P., Burow, N., Payer, M.: Code specialization through dynamic feature observation. In: Joshi, A., Carminati, B., Verma, R.M. (eds.) CODASPY \u201921, pp. 257\u2013268 (2021)","DOI":"10.1145\/3422337.3447844"},{"key":"12_CR14","unstructured":"Brown, M.D., Pande, S.: Is less really more? Towards better metrics for measuring security improvements realized through software debloating. In: 12th USENIX Workshop (CSET 19) (2019)"},{"key":"12_CR15","doi-asserted-by":"crossref","unstructured":"Brown, M.D., Pruett, M., Bigelow, R., Mururu, G., Pande, S.: Not so fast: understanding and mitigating negative impacts of compiler optimizations on code reuse gadget sets. Proc. ACM Program. Lang. 5(OOPSLA) (2021)","DOI":"10.1145\/3485531"},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"Bruce, B.R., Zhang, T., Arora, J., Xu, G.H., Kim, M.: JShrink: in-depth investigation into debloating modern Java applications. In: Devanbu, P., Cohen, M.B., Zimmermann, T. (eds.) ESEC\/FSE, pp. 135\u2013146. ACM (2020)","DOI":"10.1145\/3368089.3409738"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Chaqfeh, M., Zaki, Y., Hu, J., Subramanian, L.: JScleaner: de-cluttering mobile webpages through Javascript cleanup. In: Huang, Y., King, I., Liu, T., van Steen, M. (eds.) WWW, pp. 763\u2013773. ACM\/IW3C2 (2020)","DOI":"10.1145\/3366423.3380157"},{"key":"12_CR18","doi-asserted-by":"crossref","unstructured":"Dewan, A., Rao, P., Sodhi, B., Kapur, R.: BloatLibD: detecting bloat libraries in Java applications. In: 16th Conference on the Evaluation of Novel Approaches to Software Engineering (2021)","DOI":"10.5220\/0010459401260137"},{"key":"12_CR19","unstructured":"GuardSquare: Proguard. https:\/\/github.com\/Guardsquare\/proguard"},{"key":"12_CR20","unstructured":"Guo, P.J., Engler, D.R.: CDE: using system call interposition to automatically create portable software packages. In: Nieh, J., Waldspurger, C.A. (eds.) USENIX ATC (2011)"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"Hassan, M., et al.: Evaluating container debloaters. In: IEEE Secure Development Conference, SecDev 2023, Atlanta, GA, USA, 18\u201320 October 2023. IEEE (2023)","DOI":"10.1109\/SecDev56634.2023.00023"},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"Heo, K., Lee, W., Pashakhanloo, P., Naik, M.: Effective program debloating via reinforcement learning. In: 2018 ACM CCS, pp. 380\u2013394 (2018)","DOI":"10.1145\/3243734.3243838"},{"issue":"2","key":"12_CR23","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1109\/MS.2015.40","volume":"32","author":"GJ Holzmann","year":"2015","unstructured":"Holzmann, G.J.: Code inflation. IEEE Softw. 32(2), 10\u201313 (2015)","journal-title":"IEEE Softw."},{"key":"12_CR24","unstructured":"Homescu, A., Stewart, M., Larsen, P., Brunthaler, S., Franz, M.: Microgadgets: size does matter in Turing-Complete Return-Oriented programming. In: USENIX WOOT \u201912 (2012)"},{"issue":"3","key":"12_CR25","first-page":"2062","volume":"20","author":"F Javed","year":"2018","unstructured":"Javed, F., Afzal, M.K., Sharif, M., Kim, B.S.: Internet of things (IoT) operating systems support, networking technologies, applications, and challenges: a comparative review. IEEE CS &T 20(3), 2062\u20132100 (2018)","journal-title":"IEEE CS &T"},{"key":"12_CR26","doi-asserted-by":"crossref","unstructured":"Jiang, Y., Wu, D., Liu, P.: JRed: program customization and bloatware mitigation based on static analysis. In: IEEE COMPSAC, pp. 12\u201321 (2016)","DOI":"10.1109\/COMPSAC.2016.146"},{"issue":"3","key":"12_CR27","doi-asserted-by":"publisher","first-page":"480","DOI":"10.1145\/243439.243447","volume":"28","author":"ND Jones","year":"1996","unstructured":"Jones, N.D.: An introduction to partial evaluation. ACM Comput. Surv. 28(3), 480\u2013503 (1996)","journal-title":"ACM Comput. Surv."},{"key":"12_CR28","doi-asserted-by":"crossref","unstructured":"Kalhauge, C.G., Palsberg, J.: Logical bytecode reduction. In: ACM SIGPLAN PLDI, pp. 1003\u20131016. ACM (2021)","DOI":"10.1145\/3453483.3454091"},{"key":"12_CR29","unstructured":"Kuo, H., et al.: Multik: a framework for orchestrating multiple specialized kernels. CoRR abs\/1903.06889 (2019)"},{"key":"12_CR30","doi-asserted-by":"crossref","unstructured":"Kupoluyi, T., Chaqfeh, M., Varvello, M., Hashmi, W., Subramanian, L., Zaki, Y.: Muzeel: a dynamic Javascript analyzer for dead code elimination in today\u2019s web. arXiv preprint arXiv:2106.08948 (2021)","DOI":"10.1145\/3517745.3561427"},{"key":"12_CR31","doi-asserted-by":"crossref","unstructured":"Malecha, G., Gehani, A., Shankar, N.: Automated software winnowing. In: 30th ACM Symposium on Applied Computing (SAC) (2015)","DOI":"10.1145\/2695664.2695751"},{"key":"12_CR32","unstructured":"Martin, R.C.: The open-closed principle. More C++ Gems 19(96) (1996)"},{"key":"12_CR33","doi-asserted-by":"crossref","unstructured":"Navas, J., Gehani, A.: OCCAMv2: combining static and dynamic analysis for effective and efficient whole program specialization. Commun. ACM 66(4) (2023)","DOI":"10.1145\/3583112"},{"key":"12_CR34","doi-asserted-by":"crossref","unstructured":"Necula, G.C., McPeak, S., Rahul, S.P., Weimer, W.: CIL: intermediate language and tools for analysis and transformation of C programs. In: Horspool, R.N. (ed.) Conference on Compiler Construction (2002)","DOI":"10.1007\/3-540-45937-5_16"},{"key":"12_CR35","doi-asserted-by":"crossref","unstructured":"Obbink, N.G., Malavolta, I., Scoccia, G.L., Lago, P.: An extensible approach for taming the challenges of Javascript dead code elimination. In: Oliveto, R., Penta, M.D., Shepherd, D.C. (eds.) Conference on Software Analysis, Evolution and Reengineering (2018)","DOI":"10.1109\/SANER.2018.8330226"},{"key":"12_CR36","doi-asserted-by":"crossref","unstructured":"Porter, C., Mururu, G., Barua, P., Pande, S.: Blankit library debloating: getting what you want instead of cutting what you don\u2019t. In: ACM SIGPLAN PLDI, pp. 164\u2013180 (2020)","DOI":"10.1145\/3395649"},{"key":"12_CR37","unstructured":"Qian, C., Hu, H., Alharthi, M., Chung, P.H., Kim, T., Lee, W.: Razor: a framework for post-deployment software debloating. In: USENIX Security (2019)"},{"key":"12_CR38","doi-asserted-by":"crossref","unstructured":"Quach, A., Erinfolami, R., Demicco, D., Prakash, A.: A multi-OS cross-layer study of bloating in user programs, kernel and managed execution environments. In: Kim, T., Wang, C., Wu, D. (eds.) Workshop on Forming an Ecosystem Around Software Transformation (2017)","DOI":"10.1145\/3141235.3141242"},{"key":"12_CR39","unstructured":"Quach, A., Prakash, A., Yan, L.: Debloating software through piece-wise compilation and loading. In: USENIX Security, pp. 869\u2013886 (2018)"},{"key":"12_CR40","doi-asserted-by":"crossref","unstructured":"Ramanathan, M.K., Clapp, L., Barik, R., Sridharan, M.: Piranha: reducing feature flag debt at UBER. In: Rothermel, G., Bae, D. (eds.) ICSE-SEIP, pp. 221\u2013230. ACM (2020)","DOI":"10.1145\/3377813.3381350"},{"key":"12_CR41","doi-asserted-by":"crossref","unstructured":"Rastogi, V., Davidson, D., Carli, L.D., Jha, S., McDaniel, P.D.: Cimplifier: automatically debloating containers. In: Bodden, E., Sch\u00e4fer, W., van Deursen, A., Zisman, A. (eds.) European Software Engineering Conference\/Foundations of Software Engineering (2017)","DOI":"10.1145\/3106237.3106271"},{"key":"12_CR42","doi-asserted-by":"crossref","unstructured":"Regehr, J., Chen, Y., Cuoq, P., Eide, E., Ellison, C., Yang, X.: Test-case reduction for C compiler bugs. In: ACM PLDI, pp. 335\u2013346 (2012)","DOI":"10.1145\/2345156.2254104"},{"key":"12_CR43","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: Ning, P., di Vimercati, S.D.C., Syverson, P.F. (eds.) ACM CCS 2007, pp. 552\u2013561. ACM (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"12_CR44","doi-asserted-by":"crossref","unstructured":"Sharif, H., Abubakar, M., Gehani, A., Zaffar, F.: Trimmer: application specialization for code debloating. In: 33rd IEEE\/ACM International Conference on Automated Software Engineering (ASE) (2018)","DOI":"10.1145\/3238147.3238160"},{"key":"12_CR45","unstructured":"Smowton, C.S.: I\/O Optimisation and elimination via partial evaluation. Technical report, UC, CL, December 2014"},{"key":"12_CR46","doi-asserted-by":"crossref","unstructured":"Sun, C., Li, Y., Zhang, Q., Gu, T., Su, Z.: Perses: syntax-guided program reduction. In: ICSE 2018, pp. 361\u2013371 (2018)","DOI":"10.1145\/3180155.3180236"},{"key":"12_CR47","doi-asserted-by":"crossref","unstructured":"Tip, F., Laffra, C., Sweeney, P.F., Streeter, D.: Practical experience with an application extractor for Java. SIGPLAN Not. 34(10), 292\u2013305 (1999)","DOI":"10.1145\/320385.320414"},{"key":"12_CR48","doi-asserted-by":"crossref","unstructured":"Turcotte, A., Arteca, E., Mishra, A., Alimadadi, S., Tip, F.: Stubbifier: debloating dynamic server-side Javascript applications. CoRR abs\/2110.14162 (2021)","DOI":"10.1007\/s10664-022-10195-6"},{"key":"12_CR49","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.infsof.2018.10.009","volume":"107","author":"HC V\u00e1zquez","year":"2019","unstructured":"V\u00e1zquez, H.C., Bergel, A., Vidal, S.A., Pace, J.A.D., Marcos, C.A.: Slimming Javascript applications: an approach for removing unused functions from Javascript libraries. Inf. Softw. Technol. 107, 18\u201329 (2019)","journal-title":"Inf. Softw. Technol."},{"key":"12_CR50","unstructured":"Wu, J., et al.: LightBlue: automatic profile-aware debloating of Bluetooth stacks. In: 30th USENIX Security Symposium (2021)"},{"key":"12_CR51","doi-asserted-by":"crossref","unstructured":"Xin, Q., Kim, M., Zhang, Q., Orso, A.: Program debloating via stochastic optimization. In: ICSE-NIER \u201920, pp. 65\u201368 (2020)","DOI":"10.1145\/3377816.3381739"},{"key":"12_CR52","doi-asserted-by":"crossref","unstructured":"Xin, Q., Kim, M., Zhang, Q., Orso, A.: Subdomain-based generality-aware debloating. In: 35th IEEE\/ACM ASE (2020)","DOI":"10.1145\/3324884.3416644"},{"key":"12_CR53","doi-asserted-by":"crossref","unstructured":"Xu, G., Mitchell, N., Arnold, M., Rountev, A., Sevitsky, G.: Software bloat analysis: finding, removing, and preventing performance problems in modern large-scale object-oriented applications. In: FSE\/SDP, pp. 421\u2013426 (2010)","DOI":"10.1145\/1882362.1882448"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-51482-1_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T06:06:12Z","timestamp":1704866772000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-51482-1_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031514814","9783031514821"],"references-count":53,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-51482-1_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"11 January 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Hague","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"The Netherlands","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 September 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2023.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"478","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"93","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3-4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}