SoK: Software Debloating Landscape and Future Directions

Mohannad Alhanahnah; Yazan Boshmaf; Ashish Gehani

doi:10.1145/3689937.3695792

SoK: Software Debloating Landscape and Future Directions

Mohannad Alhanahnah, Yazan Boshmaf, Ashish Gehani

Qatar Computing Research Institute

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Software debloating seeks to mitigate security risks and improve performance by eliminating unnecessary code. In recent years, a plethora of debloating tools have been developed, creating a dense and varied landscape. Several studies have delved into the literature, focusing on comparative analysis of these tools. To build upon these efforts, this paper presents a comprehensive systematization of knowledge (SoK) of the software debloating landscape. We conceptualize the software debloating workflow, which serves as the basis for developing a multilevel taxonomy. This framework classifies debloating tools according to their input/output artifacts, debloating strategies, and evaluation criteria. Lastly, we apply the taxonomy to pinpoint open problems in the field, which, together with the SoK, provide a foundational reference for researchers aiming to improve software security and efficiency through debloating.

Original language	English
Title of host publication	Proceedings Of The 2024 Workshop On Forming An Ecosystem Around Software Transformation, Feast 2024
Subtitle of host publication	CCS 2024
Publisher	Association for Computing Machinery, Inc
Pages	11-18
Number of pages	8
ISBN (Electronic)	9798400712333
DOIs	https://doi.org/10.1145/3689937.3695792
Publication status	Published - 19 Nov 2024
Event	6th Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2024 - Salt Lake City, United States Duration: 14 Oct 2024 → 18 Oct 2024

Publication series

Name	FEAST 2024 - Proceedings of the 2024 Workshop on Forming an Ecosystem Around Software Transformation, Co-Located with: CCS 2024

Conference

Conference	6th Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2024
Country/Territory	United States
City	Salt Lake City
Period	14/10/24 → 18/10/24

Keywords

Sbom
Sdlc
Software Debloating
Software Security
Systematization of Knowledge
Taxonomy

Access to Document

10.1145/3689937.3695792

Cite this

Alhanahnah, M., Boshmaf, Y., & Gehani, A. (2024). SoK: Software Debloating Landscape and Future Directions. In Proceedings Of The 2024 Workshop On Forming An Ecosystem Around Software Transformation, Feast 2024: CCS 2024 (pp. 11-18). (FEAST 2024 - Proceedings of the 2024 Workshop on Forming an Ecosystem Around Software Transformation, Co-Located with: CCS 2024). Association for Computing Machinery, Inc. https://doi.org/10.1145/3689937.3695792

Alhanahnah, Mohannad ; Boshmaf, Yazan ; Gehani, Ashish. / SoK : Software Debloating Landscape and Future Directions. Proceedings Of The 2024 Workshop On Forming An Ecosystem Around Software Transformation, Feast 2024: CCS 2024. Association for Computing Machinery, Inc, 2024. pp. 11-18 (FEAST 2024 - Proceedings of the 2024 Workshop on Forming an Ecosystem Around Software Transformation, Co-Located with: CCS 2024).

@inproceedings{cc0242e4abb24bc2a3556de4b6952e8a,

title = "SoK: Software Debloating Landscape and Future Directions",

abstract = "Software debloating seeks to mitigate security risks and improve performance by eliminating unnecessary code. In recent years, a plethora of debloating tools have been developed, creating a dense and varied landscape. Several studies have delved into the literature, focusing on comparative analysis of these tools. To build upon these efforts, this paper presents a comprehensive systematization of knowledge (SoK) of the software debloating landscape. We conceptualize the software debloating workflow, which serves as the basis for developing a multilevel taxonomy. This framework classifies debloating tools according to their input/output artifacts, debloating strategies, and evaluation criteria. Lastly, we apply the taxonomy to pinpoint open problems in the field, which, together with the SoK, provide a foundational reference for researchers aiming to improve software security and efficiency through debloating.",

keywords = "Sbom, Sdlc, Software Debloating, Software Security, Systematization of Knowledge, Taxonomy",

author = "Mohannad Alhanahnah and Yazan Boshmaf and Ashish Gehani",

note = "Publisher Copyright: {\textcopyright} 2024 Copyright held by the owner/author(s).; 6th Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2024 ; Conference date: 14-10-2024 Through 18-10-2024",

year = "2024",

month = nov,

day = "19",

doi = "10.1145/3689937.3695792",

language = "English",

series = "FEAST 2024 - Proceedings of the 2024 Workshop on Forming an Ecosystem Around Software Transformation, Co-Located with: CCS 2024",

publisher = "Association for Computing Machinery, Inc",

pages = "11--18",

booktitle = "Proceedings Of The 2024 Workshop On Forming An Ecosystem Around Software Transformation, Feast 2024",

}

Alhanahnah, M, Boshmaf, Y & Gehani, A 2024, SoK: Software Debloating Landscape and Future Directions. in Proceedings Of The 2024 Workshop On Forming An Ecosystem Around Software Transformation, Feast 2024: CCS 2024. FEAST 2024 - Proceedings of the 2024 Workshop on Forming an Ecosystem Around Software Transformation, Co-Located with: CCS 2024, Association for Computing Machinery, Inc, pp. 11-18, 6th Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2024, Salt Lake City, United States, 14/10/24. https://doi.org/10.1145/3689937.3695792

SoK: Software Debloating Landscape and Future Directions. / Alhanahnah, Mohannad; Boshmaf, Yazan; Gehani, Ashish.
Proceedings Of The 2024 Workshop On Forming An Ecosystem Around Software Transformation, Feast 2024: CCS 2024. Association for Computing Machinery, Inc, 2024. p. 11-18 (FEAST 2024 - Proceedings of the 2024 Workshop on Forming an Ecosystem Around Software Transformation, Co-Located with: CCS 2024).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - SoK

T2 - 6th Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2024

AU - Alhanahnah, Mohannad

AU - Boshmaf, Yazan

AU - Gehani, Ashish

PY - 2024/11/19

Y1 - 2024/11/19

N2 - Software debloating seeks to mitigate security risks and improve performance by eliminating unnecessary code. In recent years, a plethora of debloating tools have been developed, creating a dense and varied landscape. Several studies have delved into the literature, focusing on comparative analysis of these tools. To build upon these efforts, this paper presents a comprehensive systematization of knowledge (SoK) of the software debloating landscape. We conceptualize the software debloating workflow, which serves as the basis for developing a multilevel taxonomy. This framework classifies debloating tools according to their input/output artifacts, debloating strategies, and evaluation criteria. Lastly, we apply the taxonomy to pinpoint open problems in the field, which, together with the SoK, provide a foundational reference for researchers aiming to improve software security and efficiency through debloating.

AB - Software debloating seeks to mitigate security risks and improve performance by eliminating unnecessary code. In recent years, a plethora of debloating tools have been developed, creating a dense and varied landscape. Several studies have delved into the literature, focusing on comparative analysis of these tools. To build upon these efforts, this paper presents a comprehensive systematization of knowledge (SoK) of the software debloating landscape. We conceptualize the software debloating workflow, which serves as the basis for developing a multilevel taxonomy. This framework classifies debloating tools according to their input/output artifacts, debloating strategies, and evaluation criteria. Lastly, we apply the taxonomy to pinpoint open problems in the field, which, together with the SoK, provide a foundational reference for researchers aiming to improve software security and efficiency through debloating.

KW - Sbom

KW - Sdlc

KW - Software Debloating

KW - Software Security

KW - Systematization of Knowledge

KW - Taxonomy

UR - http://www.scopus.com/inward/record.url?scp=85214142287&partnerID=8YFLogxK

U2 - 10.1145/3689937.3695792

DO - 10.1145/3689937.3695792

M3 - Conference contribution

AN - SCOPUS:85214142287

T3 - FEAST 2024 - Proceedings of the 2024 Workshop on Forming an Ecosystem Around Software Transformation, Co-Located with: CCS 2024

SP - 11

EP - 18

BT - Proceedings Of The 2024 Workshop On Forming An Ecosystem Around Software Transformation, Feast 2024

PB - Association for Computing Machinery, Inc

Y2 - 14 October 2024 through 18 October 2024

ER -

Alhanahnah M, Boshmaf Y, Gehani A. SoK: Software Debloating Landscape and Future Directions. In Proceedings Of The 2024 Workshop On Forming An Ecosystem Around Software Transformation, Feast 2024: CCS 2024. Association for Computing Machinery, Inc. 2024. p. 11-18. (FEAST 2024 - Proceedings of the 2024 Workshop on Forming an Ecosystem Around Software Transformation, Co-Located with: CCS 2024). doi: 10.1145/3689937.3695792

SoK: Software Debloating Landscape and Future Directions

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this