{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T14:48:13Z","timestamp":1776782893334,"version":"3.51.2"},"reference-count":108,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2020,12,17]],"date-time":"2020-12-17T00:00:00Z","timestamp":1608163200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100015089","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-17-1-2788 N00014-16-1-2261"],"award-info":[{"award-number":["N00014-17-1-2788 N00014-16-1-2261"]}],"id":[{"id":"10.13039\/100015089","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Digital Threats"],"published-print":{"date-parts":[[2020,12,31]]},"abstract":"<jats:p>\n            Developers nowadays have access to an arsenal of toolkits and libraries for rapid application prototyping. However, when an application loads a library, the entirety of that library\u2019s code is mapped into the process address space, even if only a single function is actually needed. The unused portion is\n            <jats:italic>bloat<\/jats:italic>\n            that can negatively impact software defenses by unnecessarily inflating their overhead or increasing the attack surface. In this article, we investigate whether debloating is possible and practical at the binary level. To this end, we present\n            <jats:italic>Nibbler<\/jats:italic>\n            : a system that identifies and erases unused functions within dynamic shared libraries. Nibbler works in tandem with defenses such as continuous code re-randomization and control-flow integrity, enhancing them without incurring additional run-time overhead. We developed and tested a prototype of Nibbler on x86-64 Linux; Nibbler reduces the size of shared libraries and the number of available functions, for real-world binaries and the SPEC CINT2006 suite, by up to 56% and 82%, respectively. We also demonstrate that Nibbler benefits defenses by showing that: (i) it improves the deployability of a continuous re-randomization system for binaries, namely, Shuffler, by increasing its efficiency by 20%, and (ii) it improves certain fast but coarse and context-insensitive control-flow integrity schemes by reducing the number of gadgets reachable through indirect branch instructions by 75% and 49%, on average. Last, we apply Nibbler on \u224830K C\/C++ binaries and \u22485K unique dynamic shared libraries (i.e., almost the complete set of the Debian sid distribution), as well as on nine official Docker images (with millions of downloads in Docker Hub), reporting entrancing findings regarding code bloat at large.\n          <\/jats:p>","DOI":"10.1145\/3414997","type":"journal-article","created":{"date-parts":[[2020,12,17]],"date-time":"2020-12-17T18:09:54Z","timestamp":1608228594000},"page":"1-28","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Large-scale Debloating of Binary Shared Libraries"],"prefix":"10.1145","volume":"1","author":[{"given":"Ioannis","family":"Agadakos","sequence":"first","affiliation":[{"name":"SRI International, New York, NY"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nicholas","family":"Demarinis","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Di","family":"Jin","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kent","family":"Williams-King","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jearson","family":"Alfajardo","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Benjamin","family":"Shteinfeld","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David","family":"Williams-King","sequence":"additional","affiliation":[{"name":"Columbia University, New York, NY"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vasileios P.","family":"Kemerlis","sequence":"additional","affiliation":[{"name":"Brown University, Providence, RI"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Georgios","family":"Portokalidis","sequence":"additional","affiliation":[{"name":"Stevens Institute of Technology, Hoboken, NJ"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,12,17]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Proceedings of the ACM CCS. 340--353","author":"Abadi Mart\u00edn","year":"2005","unstructured":"Mart\u00edn Abadi , Mihai Budiu , \u00dalfar Erlingsson , and Jay Ligatti . 2005 . Control-flow integrity . In Proceedings of the ACM CCS. 340--353 . Mart\u00edn Abadi, Mihai Budiu, \u00dalfar Erlingsson, and Jay Ligatti. 2005. Control-flow integrity. In Proceedings of the ACM CCS. 340--353."},{"key":"e_1_2_1_2_1","volume-title":"Proceedings of the ACSAC. 70--83","author":"Agadakos Ioannis","year":"2019","unstructured":"Ioannis Agadakos , Di Jin , David Williams-King , Vasileios P. Kemerlis , and Georgios Portokalidis . 2019 . Nibbler: Debloating binary shared libraries . In Proceedings of the ACSAC. 70--83 . Ioannis Agadakos, Di Jin, David Williams-King, Vasileios P. Kemerlis, and Georgios Portokalidis. 2019. Nibbler: Debloating binary shared libraries. In Proceedings of the ACSAC. 70--83."},{"key":"e_1_2_1_3_1","volume-title":"Ullman","author":"Aho Alfred V.","year":"2006","unstructured":"Alfred V. Aho , Monica S. Lam , Ravi Sethi , and Jeffrey D . Ullman . 2006 . Compilers : Principles, Techniques, and Tools (2nd ed.). Pearson Education . Alfred V. Aho, Monica S. Lam, Ravi Sethi, and Jeffrey D. Ullman. 2006. Compilers: Principles, Techniques, and Tools (2nd ed.). Pearson Education."},{"key":"e_1_2_1_4_1","unstructured":"Alexa. 2018. The top 500 sites on the web. Retrieved from https:\/\/www.alexa.com\/topsites.  Alexa. 2018. The top 500 sites on the web. Retrieved from https:\/\/www.alexa.com\/topsites."},{"key":"e_1_2_1_5_1","volume-title":"Proceedings of the ACSAC. 84--96","author":"Alves-Foss Jim","year":"2019","unstructured":"Jim Alves-Foss and Jia Song . 2019 . Function boundary detection in stripped binaries . In Proceedings of the ACSAC. 84--96 . Jim Alves-Foss and Jia Song. 2019. Function boundary detection in stripped binaries. In Proceedings of the ACSAC. 84--96."},{"key":"e_1_2_1_6_1","volume-title":"Proceedings of the EuroSys. 295--308","author":"Anand Kapil","year":"2013","unstructured":"Kapil Anand , Matthew Smithson , Khaled Elwazeer , Aparna Kotha , Jim Gruen , Nathan Giles , and Rajeev Barua . 2013 . A compiler-level intermediate representation based binary analysis and rewriting system . In Proceedings of the EuroSys. 295--308 . Kapil Anand, Matthew Smithson, Khaled Elwazeer, Aparna Kotha, Jim Gruen, Nathan Giles, and Rajeev Barua. 2013. A compiler-level intermediate representation based binary analysis and rewriting system. In Proceedings of the EuroSys. 295--308."},{"key":"e_1_2_1_7_1","volume-title":"Data Execution Prevention","author":"Andersen Starr","unstructured":"Starr Andersen and Vincent Abella . 2004. Changes to Functionality in Microsoft Windows XP Service Pack 2, Part 3: Memory Protection Technologies , Data Execution Prevention . Microsoft TechNet Library . Retrieved from http:\/\/technet.microsoft.com\/en-us\/library\/bb457155.aspx. Starr Andersen and Vincent Abella. 2004. Changes to Functionality in Microsoft Windows XP Service Pack 2, Part 3: Memory Protection Technologies, Data Execution Prevention. Microsoft TechNet Library. Retrieved from http:\/\/technet.microsoft.com\/en-us\/library\/bb457155.aspx."},{"key":"e_1_2_1_8_1","volume-title":"Proceedings of the USENIX SEC. 583--600","author":"Andriesse Dennis","unstructured":"Dennis Andriesse , Xi Chen , Victor van der Veen, Asia Slowinska, and Herbert Bos. 2016. An in-depth analysis of disassembly on full-scale x86\/x64 binaries . In Proceedings of the USENIX SEC. 583--600 . Dennis Andriesse, Xi Chen, Victor van der Veen, Asia Slowinska, and Herbert Bos. 2016. An in-depth analysis of disassembly on full-scale x86\/x64 binaries. In Proceedings of the USENIX SEC. 583--600."},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of the USENIX SEC. 1697--1714","author":"Azad Babak Amin","year":"2019","unstructured":"Babak Amin Azad , Pierre Laperdrix , and Nick Nikiforakis . 2019 . Less is more: Quantifying the security benefits of debloating web applications . In Proceedings of the USENIX SEC. 1697--1714 . Babak Amin Azad, Pierre Laperdrix, and Nick Nikiforakis. 2019. Less is more: Quantifying the security benefits of debloating web applications. In Proceedings of the USENIX SEC. 1697--1714."},{"key":"e_1_2_1_10_1","unstructured":"Eli Bendersky. 2020. pyelftools\u2014Parsing ELF and DWARF in Python. Retrieved from https:\/\/github.com\/eliben\/pyelftools.  Eli Bendersky. 2020. pyelftools\u2014Parsing ELF and DWARF in Python. Retrieved from https:\/\/github.com\/eliben\/pyelftools."},{"key":"e_1_2_1_11_1","volume-title":"Proceedings of the ACM CCS. 268--279","author":"Bigelow David","year":"2015","unstructured":"David Bigelow , Thomas Hobson , Robert Rudd , William Streilein , and Hamed Okhravi . 2015 . Timely rerandomization for mitigating memory disclosures . In Proceedings of the ACM CCS. 268--279 . David Bigelow, Thomas Hobson, Robert Rudd, William Streilein, and Hamed Okhravi. 2015. Timely rerandomization for mitigating memory disclosures. In Proceedings of the ACM CCS. 268--279."},{"key":"e_1_2_1_12_1","volume-title":"Proceedings of the IEEE S8P. 227--242","author":"Bittau Andrea","year":"2014","unstructured":"Andrea Bittau , Adam Belay , Ali Mashtizadeh , David Mazi\u00e8res , and Dan Boneh . 2014 . Hacking blind . In Proceedings of the IEEE S8P. 227--242 . Andrea Bittau, Adam Belay, Ali Mashtizadeh, David Mazi\u00e8res, and Dan Boneh. 2014. Hacking blind. In Proceedings of the IEEE S8P. 227--242."},{"key":"e_1_2_1_13_1","volume-title":"Schwartz","author":"Brumley David","year":"2011","unstructured":"David Brumley , Ivan Jager , Thanassis Avgerinos , and Edward J . Schwartz . 2011 . BAP : A binary analysis platform. In Proceedings of the CAV. 463--469. David Brumley, Ivan Jager, Thanassis Avgerinos, and Edward J. Schwartz. 2011. BAP: A binary analysis platform. In Proceedings of the CAV. 463--469."},{"key":"e_1_2_1_14_1","volume-title":"Proceedings of the USENIX SEC. 353--368","author":"Brumley David","year":"2013","unstructured":"David Brumley , JongHyup Lee , Edward J. Schwartz , and Maverick Woo . 2013 . Native x86 decompilation using semantics-preserving structural analysis and iterative control-flow structuring . In Proceedings of the USENIX SEC. 353--368 . David Brumley, JongHyup Lee, Edward J. Schwartz, and Maverick Woo. 2013. Native x86 decompilation using semantics-preserving structural analysis and iterative control-flow structuring. In Proceedings of the USENIX SEC. 353--368."},{"key":"e_1_2_1_15_1","volume-title":"Carey","author":"Bu Yingyi","year":"2013","unstructured":"Yingyi Bu , Vinayak Borkar , Guoqing Xu , and Michael J . Carey . 2013 . A bloat-aware design for big data applications. In Proceedings of the ISMM. 119--130. Yingyi Bu, Vinayak Borkar, Guoqing Xu, and Michael J. Carey. 2013. A bloat-aware design for big data applications. In Proceedings of the ISMM. 119--130."},{"key":"e_1_2_1_16_1","unstructured":"Amat Cama. 2014. Tool to generate ROP gadgets for ARM AARCH64 x86 MIPS PPC RISCV SH4 and SPARC. Retrieved from https:\/\/github.com\/acama\/xrop.  Amat Cama. 2014. Tool to generate ROP gadgets for ARM AARCH64 x86 MIPS PPC RISCV SH4 and SPARC. Retrieved from https:\/\/github.com\/acama\/xrop."},{"key":"e_1_2_1_17_1","volume-title":"Gross","author":"Carlini Nicolas","year":"2015","unstructured":"Nicolas Carlini , Antonio Barresi , Mathias Payer , David Wagner , and Thomas R . Gross . 2015 . Control-flow bending: On the effectiveness of control-flow integrity. In Proceedings of the USENIX SEC. 161--176. Nicolas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R. Gross. 2015. Control-flow bending: On the effectiveness of control-flow integrity. In Proceedings of the USENIX SEC. 161--176."},{"key":"e_1_2_1_18_1","volume-title":"Proceedings of the IEEE S8P. 380--394","author":"Cha Sang Kil","year":"2012","unstructured":"Sang Kil Cha , Thanassis Avgerinos , Alexandre Rebert , and David Brumley . 2012 . Unleashing mayhem on binary code . In Proceedings of the IEEE S8P. 380--394 . Sang Kil Cha, Thanassis Avgerinos, Alexandre Rebert, and David Brumley. 2012. Unleashing mayhem on binary code. In Proceedings of the IEEE S8P. 380--394."},{"key":"e_1_2_1_19_1","volume-title":"Proceedings of the ACM CCS. 559--572","author":"Checkoway Stephen","year":"2010","unstructured":"Stephen Checkoway , Lucas Davi , Alexandra Dmitrienko , Ahmad-Reza Sadeghi , Hovav Shacham , and Marcel Winandy . 2010 . Return-oriented programming without returns . In Proceedings of the ACM CCS. 559--572 . Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, and Marcel Winandy. 2010. Return-oriented programming without returns. In Proceedings of the ACM CCS. 559--572."},{"key":"e_1_2_1_20_1","volume-title":"Proceedings of the IEEE EuroS8P. 514--529","author":"Chen Xi","year":"2017","unstructured":"Xi Chen , Herbert Bos , and Cristiano Giuffrida . 2017 . CodeArmor: Virtualizing the code space to counter disclosure attacks . In Proceedings of the IEEE EuroS8P. 514--529 . Xi Chen, Herbert Bos, and Cristiano Giuffrida. 2017. CodeArmor: Virtualizing the code space to counter disclosure attacks. In Proceedings of the IEEE EuroS8P. 514--529."},{"key":"e_1_2_1_21_1","unstructured":"Chromium Blog. 2012. A Tale of Two Pwnies. Retrieved from https:\/\/blog.chromium.org\/2012\/05\/tale-of-two-pwnies-part-1.html.  Chromium Blog. 2012. A Tale of Two Pwnies. Retrieved from https:\/\/blog.chromium.org\/2012\/05\/tale-of-two-pwnies-part-1.html."},{"key":"e_1_2_1_22_1","unstructured":"Corelan. 2011. Corelan Repository for mona.py. Retrieved from https:\/\/github.com\/corelan\/mona.  Corelan. 2011. Corelan Repository for mona.py. Retrieved from https:\/\/github.com\/corelan\/mona."},{"key":"e_1_2_1_23_1","volume-title":"Proceedings of the NSPW. 95--106","author":"Crane Stephen","year":"2013","unstructured":"Stephen Crane , Per Larsen , Stefan Brunthaler , and Michael Franz . 2013 . Booby trapping software . In Proceedings of the NSPW. 95--106 . Stephen Crane, Per Larsen, Stefan Brunthaler, and Michael Franz. 2013. Booby trapping software. In Proceedings of the NSPW. 95--106."},{"key":"e_1_2_1_24_1","unstructured":"National Vulnerability Database. 2019. BlueKeep Vulnerability (CVE-2019-0708). NIST. Retrieved from https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0708.  National Vulnerability Database. 2019. BlueKeep Vulnerability (CVE-2019-0708). NIST. Retrieved from https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-0708."},{"key":"e_1_2_1_25_1","unstructured":"Bruce Dawson. 2013. Symbols on Linux update: Fedora Fixes. Retrieved from https:\/\/randomascii.wordpress.com\/2013\/03\/05\/symbols-on-linux-update-fedora-fixes\/.  Bruce Dawson. 2013. Symbols on Linux update: Fedora Fixes. Retrieved from https:\/\/randomascii.wordpress.com\/2013\/03\/05\/symbols-on-linux-update-fedora-fixes\/."},{"key":"e_1_2_1_26_1","unstructured":"Debian. 2020. Package: cdebconf. Retrieved from https:\/\/packages.debian.org\/sid\/cdebconf.  Debian. 2020. Package: cdebconf. Retrieved from https:\/\/packages.debian.org\/sid\/cdebconf."},{"key":"e_1_2_1_27_1","unstructured":"Solar Designer. 1997. Getting around non-executable stack (and fix). BugTraq. Retrieved from https:\/\/seclists.org\/bugtraq\/1997\/Aug\/63.  Solar Designer. 1997. Getting around non-executable stack (and fix). BugTraq. Retrieved from https:\/\/seclists.org\/bugtraq\/1997\/Aug\/63."},{"key":"e_1_2_1_28_1","volume-title":"Proceedings of the IEEE S8P. 128--142","author":"Dinesh Sushant","year":"2020","unstructured":"Sushant Dinesh , Nathan Burow , Dongyan Xu , and Mathias Payer . 2020 . RetroWrite: Statically instrumenting COTS binaries for fuzzing and sanitization . In Proceedings of the IEEE S8P. 128--142 . Sushant Dinesh, Nathan Burow, Dongyan Xu, and Mathias Payer. 2020. RetroWrite: Statically instrumenting COTS binaries for fuzzing and sanitization. In Proceedings of the IEEE S8P. 128--142."},{"key":"e_1_2_1_29_1","unstructured":"Docker. 2020. Docker Hub. Retrieved from https:\/\/hub.docker.com.  Docker. 2020. Docker Hub. Retrieved from https:\/\/hub.docker.com."},{"key":"e_1_2_1_30_1","unstructured":"Ulrich Drepper. [n.d.]. ELF Symbol Versioning. Retrieved from https:\/\/www.akkadia.org\/drepper\/symbol-versioning.  Ulrich Drepper. [n.d.]. ELF Symbol Versioning. Retrieved from https:\/\/www.akkadia.org\/drepper\/symbol-versioning."},{"key":"e_1_2_1_31_1","volume-title":"Proceedings of the ACM CCS. 901--913","author":"Evans Isaac","year":"2015","unstructured":"Isaac Evans , Fan Long , Ulziibayar Otgonbaatar , Howard Shrobe , Martin Rinard , Hamed Okhravi , and Stelios Sidiroglou-Douskos . 2015 . Control Jujutsu: On the weaknesses of fine-grained control flow integrity . In Proceedings of the ACM CCS. 901--913 . Isaac Evans, Fan Long, Ulziibayar Otgonbaatar, Howard Shrobe, Martin Rinard, Hamed Okhravi, and Stelios Sidiroglou-Douskos. 2015. Control Jujutsu: On the weaknesses of fine-grained control flow integrity. In Proceedings of the ACM CCS. 901--913."},{"key":"e_1_2_1_32_1","unstructured":"Free Software Foundation. 2019. libunistring. Retrieved from https:\/\/www.gnu.org\/software\/libunistring\/.  Free Software Foundation. 2019. libunistring. Retrieved from https:\/\/www.gnu.org\/software\/libunistring\/."},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/265563.265576"},{"key":"e_1_2_1_34_1","volume-title":"Hamlen","author":"Ghaffarinia Masoud","year":"2019","unstructured":"Masoud Ghaffarinia and Kevin W . Hamlen . 2019 . Binary control-flow trimming. In Proceedings of the ACM CCS. 1009--1022. Masoud Ghaffarinia and Kevin W. Hamlen. 2019. Binary control-flow trimming. In Proceedings of the ACM CCS. 1009--1022."},{"key":"e_1_2_1_35_1","volume-title":"Tanenbaum","author":"Giuffrida Cristiano","year":"2012","unstructured":"Cristiano Giuffrida , Anton Kuijsten , and Andrew S . Tanenbaum . 2012 . Enhanced operating system security through efficient and fine-grained address space randomization. In Proceedings of the USENIX SEC. 475--490. Cristiano Giuffrida, Anton Kuijsten, and Andrew S. Tanenbaum. 2012. Enhanced operating system security through efficient and fine-grained address space randomization. In Proceedings of the USENIX SEC. 475--490."},{"key":"e_1_2_1_36_1","unstructured":"GNU Development Tools. 2020. objdump\u2014display information from object files. Retrieved from http:\/\/man7.org\/linux\/man-pages\/man1\/objdump.1.html.  GNU Development Tools. 2020. objdump\u2014display information from object files. Retrieved from http:\/\/man7.org\/linux\/man-pages\/man1\/objdump.1.html."},{"key":"e_1_2_1_37_1","volume-title":"Proceedings of the IEEE S8P. 575--589","author":"G\u00f6ktas Enes","year":"2014","unstructured":"Enes G\u00f6ktas , Elias Athanasopoulos , Herbert Bos , and Georgios Portokalidis . 2014 . Out of control: Overcoming control-flow integrity . In Proceedings of the IEEE S8P. 575--589 . Enes G\u00f6ktas, Elias Athanasopoulos, Herbert Bos, and Georgios Portokalidis. 2014. Out of control: Overcoming control-flow integrity. In Proceedings of the IEEE S8P. 575--589."},{"key":"e_1_2_1_38_1","volume-title":"Proceedings of the IEEE EuroS8P. 227--242","author":"G\u00f6ktas Enes","year":"2018","unstructured":"Enes G\u00f6ktas , Benjamin Kollenda , Philipp Koppe , Erik Bosman , Georgios Portokalidis , Thorsten Holz , Herbert Bos , and Cristiano Giuffrida . 2018 . Position-independent code reuse: On the effectiveness of ASLR in the absence of information disclosure . In Proceedings of the IEEE EuroS8P. 227--242 . Enes G\u00f6ktas, Benjamin Kollenda, Philipp Koppe, Erik Bosman, Georgios Portokalidis, Thorsten Holz, Herbert Bos, and Cristiano Giuffrida. 2018. Position-independent code reuse: On the effectiveness of ASLR in the absence of information disclosure. In Proceedings of the IEEE EuroS8P. 227--242."},{"key":"e_1_2_1_39_1","volume-title":"Proceedings of the IEEE SCAM. 129--136","author":"Hamilton James","year":"2009","unstructured":"James Hamilton and Sebastian Danicic . 2009 . An evaluation of current Java bytecode decompilers . In Proceedings of the IEEE SCAM. 129--136 . James Hamilton and Sebastian Danicic. 2009. An evaluation of current Java bytecode decompilers. In Proceedings of the IEEE SCAM. 129--136."},{"key":"e_1_2_1_40_1","volume-title":"Proceedings of the ACM CCS. 380--394","author":"Heo Kihong","year":"2018","unstructured":"Kihong Heo , Woosuk Lee , Pardis Pashakhanloo , and Mayur Naik . 2018 . Effective program debloating via reinforcement learning . In Proceedings of the ACM CCS. 380--394 . Kihong Heo, Woosuk Lee, Pardis Pashakhanloo, and Mayur Naik. 2018. Effective program debloating via reinforcement learning. In Proceedings of the ACM CCS. 380--394."},{"key":"e_1_2_1_41_1","unstructured":"Hex-Rays. 2016. The IDA Pro Disassembler and Debugger. Retrieved from https:\/\/www.hex-rays.com\/products\/ida\/.  Hex-Rays. 2016. The IDA Pro Disassembler and Debugger. Retrieved from https:\/\/www.hex-rays.com\/products\/ida\/."},{"key":"e_1_2_1_42_1","unstructured":"Patrick Horgan. 2011. Linux x86 Program Start Up. Retrieved from http:\/\/dbp-consulting.com\/tutorials\/debugging\/linuxProgramStartup.html.  Patrick Horgan. 2011. Linux x86 Program Start Up. Retrieved from http:\/\/dbp-consulting.com\/tutorials\/debugging\/linuxProgramStartup.html."},{"key":"e_1_2_1_43_1","unstructured":"Intel. 2013. System V Application Binary Interface. Retrieved from https:\/\/software.intel.com\/sites\/default\/files\/article\/402129\/mpx-linux64-abi.pdf.  Intel. 2013. System V Application Binary Interface. Retrieved from https:\/\/software.intel.com\/sites\/default\/files\/article\/402129\/mpx-linux64-abi.pdf."},{"key":"e_1_2_1_44_1","volume-title":"Proceedings of the IEEE COMPSAC. 12--21","author":"Jiang Yufei","year":"2016","unstructured":"Yufei Jiang , Dinghao Wu , and Peng Liu . 2016 . JRed: Program customization and bloatware mitigation based on static analysis . In Proceedings of the IEEE COMPSAC. 12--21 . Yufei Jiang, Dinghao Wu, and Peng Liu. 2016. JRed: Program customization and bloatware mitigation based on static analysis. In Proceedings of the IEEE COMPSAC. 12--21."},{"key":"e_1_2_1_45_1","volume-title":"Proceedings of the IEEE HASE. 122--131","author":"Jiang Yufei","year":"2016","unstructured":"Yufei Jiang , Can Zhang , Dinghao Wu , and Peng Liu . 2016 . Feature-based software customization: Preliminary analysis, formalization, and methods . In Proceedings of the IEEE HASE. 122--131 . Yufei Jiang, Can Zhang, Dinghao Wu, and Peng Liu. 2016. Feature-based software customization: Preliminary analysis, formalization, and methods. In Proceedings of the IEEE HASE. 122--131."},{"key":"e_1_2_1_46_1","unstructured":"JoeDog. 2017. Siege\u2014An http load tester and benchmarking utility. Retrieved from https:\/\/github.com\/JoeDog\/siege.  JoeDog. 2017. Siege\u2014An http load tester and benchmarking utility. Retrieved from https:\/\/github.com\/JoeDog\/siege."},{"key":"e_1_2_1_47_1","volume-title":"Proceedings of the FMCAD. 43--50","author":"Kinder Johannes","year":"2010","unstructured":"Johannes Kinder and Helmut Veith . 2010 . Precise static analysis of untrusted driver binaries . In Proceedings of the FMCAD. 43--50 . Johannes Kinder and Helmut Veith. 2010. Precise static analysis of untrusted driver binaries. In Proceedings of the FMCAD. 43--50."},{"key":"e_1_2_1_48_1","volume-title":"Proceedings of the EuroSec.","author":"Koo Hyungjoon","year":"2019","unstructured":"Hyungjoon Koo , Seyedhamed Ghavamnia , and Michalis Polychronakis . 2019 . Configuration-driven software debloating . In Proceedings of the EuroSec. Hyungjoon Koo, Seyedhamed Ghavamnia, and Michalis Polychronakis. 2019. Configuration-driven software debloating. In Proceedings of the EuroSec."},{"key":"e_1_2_1_49_1","volume-title":"Proceedings of the NDSS.","author":"Kurmus Anil","year":"2013","unstructured":"Anil Kurmus , Reinhard Tartler , Daniela Dorneanu , Bernhard Heinloth , Valentin Rothberg , Andreas Ruprecht , Wolfgang Schr\u00f6der-Preikschat , Daniel Lohmann , and R\u00fcdiger Kapitza . 2013 . Attack surface metrics and automated compile-time OS kernel tailoring . In Proceedings of the NDSS. Anil Kurmus, Reinhard Tartler, Daniela Dorneanu, Bernhard Heinloth, Valentin Rothberg, Andreas Ruprecht, Wolfgang Schr\u00f6der-Preikschat, Daniel Lohmann, and R\u00fcdiger Kapitza. 2013. Attack surface metrics and automated compile-time OS kernel tailoring. In Proceedings of the NDSS."},{"key":"e_1_2_1_50_1","volume-title":"Proceedings of the ACM GECCO. 833--838","author":"Landsborough Jason","year":"2015","unstructured":"Jason Landsborough , Stephen Harding , and Sunny Fugate . 2015 . Removing the kitchen sink from software . In Proceedings of the ACM GECCO. 833--838 . Jason Landsborough, Stephen Harding, and Sunny Fugate. 2015. Removing the kitchen sink from software. In Proceedings of the ACM GECCO. 833--838."},{"key":"e_1_2_1_51_1","volume-title":"Linkers and Loaders","author":"Levine John R.","unstructured":"John R. Levine . 1999. Linkers and Loaders ( 1 st ed.). Morgan Kaufmann Publishers Inc ., San Francisco, CA. John R. Levine. 1999. Linkers and Loaders (1st ed.). Morgan Kaufmann Publishers Inc., San Francisco, CA.","edition":"1"},{"key":"e_1_2_1_52_1","volume-title":"Proceedings of the ACM PLDI. 590--601","author":"Liang Percy","year":"2011","unstructured":"Percy Liang and Mayur Naik . 2011 . Scaling abstraction refinement via pruning . In Proceedings of the ACM PLDI. 590--601 . Percy Liang and Mayur Naik. 2011. Scaling abstraction refinement via pruning. In Proceedings of the ACM PLDI. 590--601."},{"key":"e_1_2_1_53_1","unstructured":"The GNU C Library. 2020. System Databases and Name Service Switch. Retrieved from https:\/\/www.gnu.org\/software\/libc\/manual\/html_node\/Name-Service-Switch.html.  The GNU C Library. 2020. System Databases and Name Service Switch. Retrieved from https:\/\/www.gnu.org\/software\/libc\/manual\/html_node\/Name-Service-Switch.html."},{"key":"e_1_2_1_54_1","unstructured":"Linux Programmer\u2019s Manual. 2018. rtld-audit\u2014Auditing API for the dynamic linker. Retrieved from http:\/\/man7.org\/linux\/man-pages\/man7\/rtld-audit.7.html.  Linux Programmer\u2019s Manual. 2018. rtld-audit\u2014Auditing API for the dynamic linker. Retrieved from http:\/\/man7.org\/linux\/man-pages\/man7\/rtld-audit.7.html."},{"key":"e_1_2_1_55_1","unstructured":"Generic Part Linux Standard Base Core Specification. 2015. Exception Frames. Retrieved from https:\/\/refspecs.linuxbase.org\/LSB_5.0.0\/LSB-Core-generic\/LSB-Core-generic\/ehframechpt.html.  Generic Part Linux Standard Base Core Specification. 2015. Exception Frames. Retrieved from https:\/\/refspecs.linuxbase.org\/LSB_5.0.0\/LSB-Core-generic\/LSB-Core-generic\/ehframechpt.html."},{"key":"e_1_2_1_56_1","unstructured":"LLVM Project. 2018. LLVM Link Time Optimization: Design and Implementation. https:\/\/llvm.org\/docs\/LinkTimeOptimization.html.  LLVM Project. 2018. LLVM Link Time Optimization: Design and Implementation. https:\/\/llvm.org\/docs\/LinkTimeOptimization.html."},{"key":"e_1_2_1_57_1","volume-title":"Proceedings of the ACM SAC. 1504--1511","author":"Malecha Gregory","year":"2015","unstructured":"Gregory Malecha , Ashish Gehani , and Natarajan Shankar . 2015 . Automated software winnowing . In Proceedings of the ACM SAC. 1504--1511 . Gregory Malecha, Ashish Gehani, and Natarajan Shankar. 2015. Automated software winnowing. In Proceedings of the ACM SAC. 1504--1511."},{"key":"e_1_2_1_58_1","volume-title":"Control Flow Guard","unstructured":"Microsoft. 2015. Control Flow Guard . Windows Dev Center . Retrieved from https:\/\/msdn.microsoft.com\/en-us\/library\/windows\/desktop\/mt637065(v&equals;vs.85).aspx. Microsoft. 2015. Control Flow Guard. Windows Dev Center. Retrieved from https:\/\/msdn.microsoft.com\/en-us\/library\/windows\/desktop\/mt637065(v&equals;vs.85).aspx."},{"key":"e_1_2_1_59_1","unstructured":"Microsoft. 2017. Symbols and Symbol Files. Microsoft Developer Network. Retrieved from https:\/\/msdn.microsoft.com\/en-us\/library\/ff558825.aspx.  Microsoft. 2017. Symbols and Symbol Files. Microsoft Developer Network. Retrieved from https:\/\/msdn.microsoft.com\/en-us\/library\/ff558825.aspx."},{"key":"e_1_2_1_60_1","volume-title":"Proceedings of the ICSE. 142--151","author":"Misherghi Ghassan","year":"2006","unstructured":"Ghassan Misherghi and Zhendong Su . 2006 . HDD: Hierarchical delta debugging . In Proceedings of the ICSE. 142--151 . Ghassan Misherghi and Zhendong Su. 2006. HDD: Hierarchical delta debugging. In Proceedings of the ICSE. 142--151."},{"key":"e_1_2_1_61_1","volume-title":"Proceedings of the ACSAC. ACM, 1--16","author":"Mishra Shachee","year":"2018","unstructured":"Shachee Mishra and Michalis Polychronakis . 2018 . Shredder: Breaking exploits through API specialization . In Proceedings of the ACSAC. ACM, 1--16 . Shachee Mishra and Michalis Polychronakis. 2018. Shredder: Breaking exploits through API specialization. In Proceedings of the ACSAC. ACM, 1--16."},{"key":"e_1_2_1_62_1","unstructured":"Collin Mulliner and Matthias Neugschwandtner. 2015. Breaking Payloads with Runtime Code Stripping and Image Freezing. BHUSA. Retrieved from https:\/\/www.blackhat.com\/us-15\/briefings.html#breaking-payloads-with-runtime-code-stripping-and-image-freezing.  Collin Mulliner and Matthias Neugschwandtner. 2015. Breaking Payloads with Runtime Code Stripping and Image Freezing. BHUSA. Retrieved from https:\/\/www.blackhat.com\/us-15\/briefings.html#breaking-payloads-with-runtime-code-stripping-and-image-freezing."},{"key":"e_1_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/279310.279314"},{"key":"e_1_2_1_64_1","unstructured":"National Security Agency. 2019. Ghidra. nsa.gov. Retrieved from https:\/\/www.nsa.gov\/resources\/everyone\/ghidra\/.  National Security Agency. 2019. Ghidra. nsa.gov. Retrieved from https:\/\/www.nsa.gov\/resources\/everyone\/ghidra\/."},{"key":"e_1_2_1_65_1","volume-title":"Proceedings of the ACM ESEC\/FSE. 268--278","author":"Nguyen Khanh","year":"2013","unstructured":"Khanh Nguyen and Guoqing Xu . 2013 . Cachetor: Detecting cacheable data to remove bloat . In Proceedings of the ACM ESEC\/FSE. 268--278 . Khanh Nguyen and Guoqing Xu. 2013. Cachetor: Detecting cacheable data to remove bloat. In Proceedings of the ACM ESEC\/FSE. 268--278."},{"key":"e_1_2_1_66_1","volume-title":"Proceedings of the ACM PLDI. 577--587","author":"Niu Ben","year":"2014","unstructured":"Ben Niu and Gang Tan . 2014 . Modular control-flow integrity . In Proceedings of the ACM PLDI. 577--587 . Ben Niu and Gang Tan. 2014. Modular control-flow integrity. In Proceedings of the ACM PLDI. 577--587."},{"key":"e_1_2_1_67_1","volume-title":"Proceedings of the ACM CCS. 914--926","author":"Niu Ben","year":"2015","unstructured":"Ben Niu and Gang Tan . 2015 . Per-input control-flow integrity . In Proceedings of the ACM CCS. 914--926 . Ben Niu and Gang Tan. 2015. Per-input control-flow integrity. In Proceedings of the ACM CCS. 914--926."},{"key":"e_1_2_1_68_1","unstructured":"PaX Team. 2003. Address Space Layout Randomization (ASLR). Retrieved from https:\/\/pax.grsecurity.net\/docs\/aslr.txt.  PaX Team. 2003. Address Space Layout Randomization (ASLR). Retrieved from https:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_2_1_69_1","volume-title":"Proceedings of the USENIX SEC. 1733--1750","author":"Qian Chenxiong","year":"2019","unstructured":"Chenxiong Qian , Hong Hu , Mansour Alharthi , Pak Ho Chung , Taesoo Kim , and Wenke Lee . 2019 . RAZOR: A framework for post-deployment software debloating . In Proceedings of the USENIX SEC. 1733--1750 . Chenxiong Qian, Hong Hu, Mansour Alharthi, Pak Ho Chung, Taesoo Kim, and Wenke Lee. 2019. RAZOR: A framework for post-deployment software debloating. In Proceedings of the USENIX SEC. 1733--1750."},{"key":"e_1_2_1_70_1","volume-title":"Proceedings of the USENIX SEC. 869--886","author":"Quach Anh","year":"2018","unstructured":"Anh Quach , Aravind Prakash , and Lok Yan . 2018 . Debloating software through piece-wise compilation and loading . In Proceedings of the USENIX SEC. 869--886 . Anh Quach, Aravind Prakash, and Lok Yan. 2018. Debloating software through piece-wise compilation and loading. In Proceedings of the USENIX SEC. 869--886."},{"key":"e_1_2_1_71_1","volume-title":"Proceedings of the BHUSA.","author":"Quynh Nguyen Anh","year":"2014","unstructured":"Nguyen Anh Quynh . 2014 . Capstone: Next-gen disassembly framework . In Proceedings of the BHUSA. Nguyen Anh Quynh. 2014. Capstone: Next-gen disassembly framework. In Proceedings of the BHUSA."},{"key":"e_1_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1145\/186025.186041"},{"key":"e_1_2_1_73_1","volume-title":"Proceedings of the DIMVA. 482--501","author":"Redini Nilo","year":"2019","unstructured":"Nilo Redini , Ruoyu Wang , Aravind Machiry , Yan Shoshitaishvili , Giovanni Vigna , and Christopher Kruegel . 2019 . Bintrimmer: Towards static binary debloating through abstract interpretation . In Proceedings of the DIMVA. 482--501 . Nilo Redini, Ruoyu Wang, Aravind Machiry, Yan Shoshitaishvili, Giovanni Vigna, and Christopher Kruegel. 2019. Bintrimmer: Towards static binary debloating through abstract interpretation. In Proceedings of the DIMVA. 482--501."},{"key":"e_1_2_1_74_1","volume-title":"Proceedings of the ACM PLDI. 335--346","author":"Regehr John","year":"2012","unstructured":"John Regehr , Yang Chen , Pascal Cuoq , Eric Eide , Chucky Ellison , and Xuejun Yang . 2012 . Test-case reduction for C compiler bugs . In Proceedings of the ACM PLDI. 335--346 . John Regehr, Yang Chen, Pascal Cuoq, Eric Eide, Chucky Ellison, and Xuejun Yang. 2012. Test-case reduction for C compiler bugs. In Proceedings of the ACM PLDI. 335--346."},{"key":"e_1_2_1_75_1","volume-title":"Proceedings of the NDSS.","author":"Rudd Robert","year":"2017","unstructured":"Robert Rudd , Richard Skowyra , David Bigelow , Veer Dedhia , Thomas Hobson , Stephen Crane , Christopher Liebchen , Per Larsen , Lucas Davi , Michael Franz , Ahmad-Reza Sadeghi , and Hamed Okhravi . 2017 . Address oblivious code reuse: On the effectiveness of leakage resilient diversity . In Proceedings of the NDSS. Robert Rudd, Richard Skowyra, David Bigelow, Veer Dedhia, Thomas Hobson, Stephen Crane, Christopher Liebchen, Per Larsen, Lucas Davi, Michael Franz, Ahmad-Reza Sadeghi, and Hamed Okhravi. 2017. Address oblivious code reuse: On the effectiveness of leakage resilient diversity. In Proceedings of the NDSS."},{"key":"e_1_2_1_76_1","unstructured":"Jonathan Salwan. 2011. ROPgadget\u2014Gadgets finder and auto-roper. Retrieved from http:\/\/shell-storm.org\/project\/ROPgadget\/.  Jonathan Salwan. 2011. ROPgadget\u2014Gadgets finder and auto-roper. Retrieved from http:\/\/shell-storm.org\/project\/ROPgadget\/."},{"key":"e_1_2_1_77_1","unstructured":"Sascha Schirra. 2014. Ropper\u2014rop gadget finder and binary information tool. Retrieved from https:\/\/scoding.de\/ropper\/.  Sascha Schirra. 2014. Ropper\u2014rop gadget finder and binary information tool. Retrieved from https:\/\/scoding.de\/ropper\/."},{"key":"e_1_2_1_78_1","volume-title":"Proceedings of the IEEE S8P. 745--762","author":"Schuster Felix","year":"2015","unstructured":"Felix Schuster , Thomas Tendyck , Christopher Liebchen , Lucas Davi , Ahmad-Reza Sadeghi , and Thorsten Holz . 2015 . Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications . In Proceedings of the IEEE S8P. 745--762 . Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, and Thorsten Holz. 2015. Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications. In Proceedings of the IEEE S8P. 745--762."},{"key":"e_1_2_1_79_1","volume-title":"Proceedings of the USENIX SEC. 25--41","author":"Schwartz Edward J.","year":"2011","unstructured":"Edward J. Schwartz , Thanassis Avgerinos , and David Brumley . 2011 . Q: Exploit hardening made easy . In Proceedings of the USENIX SEC. 25--41 . Edward J. Schwartz, Thanassis Avgerinos, and David Brumley. 2011. Q: Exploit hardening made easy. In Proceedings of the USENIX SEC. 25--41."},{"key":"e_1_2_1_80_1","volume-title":"Proceedings of the ACM CCS. 552--561","author":"Shacham Hovav","year":"2007","unstructured":"Hovav Shacham . 2007 . The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86) . In Proceedings of the ACM CCS. 552--561 . Hovav Shacham. 2007. The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In Proceedings of the ACM CCS. 552--561."},{"key":"e_1_2_1_81_1","volume-title":"Proceedings of the ACM\/IEEE ASE. ACM, 329--339","author":"Sharif Hashim","year":"2018","unstructured":"Hashim Sharif , Muhammad Abubakar , Ashish Gehani , and Fareed Zaffar . 2018 . TRIMMER: Application specialization for code debloating . In Proceedings of the ACM\/IEEE ASE. ACM, 329--339 . Hashim Sharif, Muhammad Abubakar, Ashish Gehani, and Fareed Zaffar. 2018. TRIMMER: Application specialization for code debloating. In Proceedings of the ACM\/IEEE ASE. ACM, 329--339."},{"key":"e_1_2_1_82_1","volume-title":"Proceedings of the IEEE S8P. 138--157","author":"Shoshitaishvili Yan","year":"2016","unstructured":"Yan Shoshitaishvili , Ruoyu Wang , Christopher Salls , Nick Stephens , Mario Polino , Audrey Dutcher , John Grosen , Siji Feng , Christophe Hauser , Christopher Kruegel , and Giovanni Vigna . 2016 . SoK: (State of) The art of war: Offensive techniques in binary analysis . In Proceedings of the IEEE S8P. 138--157 . Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Audrey Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, and Giovanni Vigna. 2016. SoK: (State of) The art of war: Offensive techniques in binary analysis. In Proceedings of the IEEE S8P. 138--157."},{"key":"e_1_2_1_83_1","volume-title":"Proceedings of the IEEE S8P. 574--588","author":"Snow Kevin Z.","year":"2013","unstructured":"Kevin Z. Snow , Fabian Monrose , Lucas Davi , Alexandra Dmitrienko , Christopher Liebchen , and Ahmad-Reza Sadeghi . 2013 . Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization . In Proceedings of the IEEE S8P. 574--588 . Kevin Z. Snow, Fabian Monrose, Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, and Ahmad-Reza Sadeghi. 2013. Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization. In Proceedings of the IEEE S8P. 574--588."},{"key":"e_1_2_1_84_1","volume-title":"Proceedings of the EuroSec.","author":"Strackx Raoul","year":"2009","unstructured":"Raoul Strackx , Yves Younan , Pieter Philippaerts , Frank Piessens , Sven Lachmund , and Thomas Walter . 2009 . Breaking the memory secrecy assumption . In Proceedings of the EuroSec. Raoul Strackx, Yves Younan, Pieter Philippaerts, Frank Piessens, Sven Lachmund, and Thomas Walter. 2009. Breaking the memory secrecy assumption. In Proceedings of the EuroSec."},{"key":"e_1_2_1_85_1","volume-title":"Proceedings of the ICSE. 361--371","author":"Sun Chengnian","year":"2018","unstructured":"Chengnian Sun , Yuanbo Li , Qirun Zhang , Tianxiao Gu , and Zhendong Su . 2018 . Perses: Syntax-guided program reduction . In Proceedings of the ICSE. 361--371 . Chengnian Sun, Yuanbo Li, Qirun Zhang, Tianxiao Gu, and Zhendong Su. 2018. Perses: Syntax-guided program reduction. In Proceedings of the ICSE. 361--371."},{"key":"e_1_2_1_86_1","unstructured":"Debian The Universal Operating System. 2020. The unstable distribution (\u201csid\u201d). Retrieved from https:\/\/www.debian.org\/releases\/sid\/.  Debian The Universal Operating System. 2020. The unstable distribution (\u201csid\u201d). Retrieved from https:\/\/www.debian.org\/releases\/sid\/."},{"key":"e_1_2_1_87_1","volume-title":"Proceedings of the IEEE S8P. 48--62","author":"Szekeres L\u00e1szl\u00f3","year":"2013","unstructured":"L\u00e1szl\u00f3 Szekeres , Mathias Payer , Tao Wei , and Dawn Song . 2013 . SoK: Eternal war in memory . In Proceedings of the IEEE S8P. 48--62 . L\u00e1szl\u00f3 Szekeres, Mathias Payer, Tao Wei, and Dawn Song. 2013. SoK: Eternal war in memory. In Proceedings of the IEEE S8P. 48--62."},{"key":"e_1_2_1_88_1","unstructured":"t0x0sh. 2014. A tool to help you write binary exploits. Retrieved from https:\/\/github.com\/t00sh\/rop-tool.  t0x0sh. 2014. A tool to help you write binary exploits. Retrieved from https:\/\/github.com\/t00sh\/rop-tool."},{"key":"e_1_2_1_89_1","unstructured":"The Chromium Projects. 2018. Testing and infrastructure. Retrieved from https:\/\/www.chromium.org\/developers\/testing.  The Chromium Projects. 2018. Testing and infrastructure. Retrieved from https:\/\/www.chromium.org\/developers\/testing."},{"key":"e_1_2_1_90_1","volume-title":"Proceedings of the USENIX SEC. 941--955","author":"Tice Caroline","year":"2014","unstructured":"Caroline Tice , Tom Roeder , Peter Collingbourne , Stephen Checkoway , \u00dalfar Erlingsson , Luis Lozano , and Geoff Pike . 2014 . Enforcing forward-edge control-flow integrity in GCC 8 LLVM . In Proceedings of the USENIX SEC. 941--955 . Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, \u00dalfar Erlingsson, Luis Lozano, and Geoff Pike. 2014. Enforcing forward-edge control-flow integrity in GCC 8 LLVM. In Proceedings of the USENIX SEC. 941--955."},{"key":"e_1_2_1_91_1","unstructured":"TIS Committee. 1995. Tool Interface Standard (TIS) Executable and Linking Format (ELF) Specification (v1.2). Retrieved from http:\/\/refspecs.linuxbase.org\/elf\/elf.pdf.  TIS Committee. 1995. Tool Interface Standard (TIS) Executable and Linking Format (ELF) Specification (v1.2). Retrieved from http:\/\/refspecs.linuxbase.org\/elf\/elf.pdf."},{"key":"e_1_2_1_92_1","unstructured":"Trail of Bits. 2019. McSema. GitHub. Retrieved from https:\/\/github.com\/trailofbits\/mcsema.  Trail of Bits. 2019. McSema. GitHub. Retrieved from https:\/\/github.com\/trailofbits\/mcsema."},{"key":"e_1_2_1_93_1","volume-title":"Proceedings of the ACM CCS. 927--940","author":"van der Veen Victor","year":"2015","unstructured":"Victor van der Veen , Dennis Andriesse , Enes G\u00f6kta\u015f , Ben Gras , Lionel Sambuc , Asia Slowinska , Herbert Bos , and Cristiano Giuffrida . 2015 . Practical context-sensitive CFI . In Proceedings of the ACM CCS. 927--940 . Victor van der Veen, Dennis Andriesse, Enes G\u00f6kta\u015f, Ben Gras, Lionel Sambuc, Asia Slowinska, Herbert Bos, and Cristiano Giuffrida. 2015. Practical context-sensitive CFI. In Proceedings of the ACM CCS. 927--940."},{"key":"e_1_2_1_94_1","first-page":"11","article-title":"Slimming\u201d a Java virtual machine by way of cold code removal and optimistic partial program loading. Sci","volume":"76","author":"Wagner Gregor","year":"2011","unstructured":"Gregor Wagner , Andreas Gal , and Michael Franz . 2011 . \u201c Slimming\u201d a Java virtual machine by way of cold code removal and optimistic partial program loading. Sci . Comput. Program. 76 , 11 (Nov. 2011), 1037--1053. Gregor Wagner, Andreas Gal, and Michael Franz. 2011. \u201cSlimming\u201d a Java virtual machine by way of cold code removal and optimistic partial program loading. Sci. Comput. Program. 76, 11 (Nov. 2011), 1037--1053.","journal-title":"Comput. Program."},{"key":"e_1_2_1_95_1","volume-title":"Proceedings of the NDSS.","author":"Wang Ruoyu","year":"2017","unstructured":"Ruoyu Wang , Yan Shoshitaishvili , Antonio Bianchi , Aravind Machiry , John Grosen , Paul Grosen , Christopher Kruegel , and Giovanni Vigna . 2017 . Ramblr: Making reassembly great again . In Proceedings of the NDSS. Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, and Giovanni Vigna. 2017. Ramblr: Making reassembly great again. In Proceedings of the NDSS."},{"key":"e_1_2_1_96_1","volume-title":"Proceedings of the USENIX SEC. 627--642","author":"Wang Shuai","year":"2015","unstructured":"Shuai Wang , Pei Wang , and Dinghao Wu . 2015 . Reassembleable disassembling . In Proceedings of the USENIX SEC. 627--642 . Shuai Wang, Pei Wang, and Dinghao Wu. 2015. Reassembleable disassembling. In Proceedings of the USENIX SEC. 627--642."},{"key":"e_1_2_1_97_1","volume-title":"Proceedings of the ACM VEE. 143--156","author":"Wang Zhe","year":"2017","unstructured":"Zhe Wang , Chenggang Wu , Jianjun Li , Yuanming Lai , Xiangyu Zhang , Wei-Chung Hsu , and Yueqiang Cheng . 2017 . ReRanz: A light-weight virtual machine to mitigate memory disclosure attacks . In Proceedings of the ACM VEE. 143--156 . Zhe Wang, Chenggang Wu, Jianjun Li, Yuanming Lai, Xiangyu Zhang, Wei-Chung Hsu, and Yueqiang Cheng. 2017. ReRanz: A light-weight virtual machine to mitigate memory disclosure attacks. In Proceedings of the ACM VEE. 143--156."},{"key":"e_1_2_1_98_1","volume-title":"Proceedings of the ECML-PKDD. 522--536","author":"Wartell Richard","year":"2011","unstructured":"Richard Wartell , Yan Zhou , Kevin W. Hamlen , Murat Kantarcioglu , and Bhavani Thuraisingham . 2011 . Differentiating code from data in x86 binaries . In Proceedings of the ECML-PKDD. 522--536 . Richard Wartell, Yan Zhou, Kevin W. Hamlen, Murat Kantarcioglu, and Bhavani Thuraisingham. 2011. Differentiating code from data in x86 binaries. In Proceedings of the ECML-PKDD. 522--536."},{"key":"e_1_2_1_99_1","unstructured":"Debian Wiki. 2020. Using Symbols Files. Retrieved from https:\/\/wiki.debian.org\/UsingSymbolsFiles.  Debian Wiki. 2020. Using Symbols Files. Retrieved from https:\/\/wiki.debian.org\/UsingSymbolsFiles."},{"key":"e_1_2_1_100_1","unstructured":"Ubuntu Wiki. 2019. Debug Symbol Packages. Retrieved from https:\/\/wiki.ubuntu.com\/Debug%20Symbol%20Packages.  Ubuntu Wiki. 2019. Debug Symbol Packages. Retrieved from https:\/\/wiki.ubuntu.com\/Debug%20Symbol%20Packages."},{"key":"e_1_2_1_101_1","volume-title":"Proceedings of the USENIX OSDI. 367--382","author":"Williams-King David","year":"2016","unstructured":"David Williams-King , Graham Gobieski , Kent Williams-King , James P. Blake , Xinhao Yuan , Patrick Colp , Michelle Zheng , Vasileios P. Kemerlis , Junfeng Yang , and William Aiello . 2016 . Shuffler: Fast and deployable continuous code re-randomization . In Proceedings of the USENIX OSDI. 367--382 . David Williams-King, Graham Gobieski, Kent Williams-King, James P. Blake, Xinhao Yuan, Patrick Colp, Michelle Zheng, Vasileios P. Kemerlis, Junfeng Yang, and William Aiello. 2016. Shuffler: Fast and deployable continuous code re-randomization. In Proceedings of the USENIX OSDI. 367--382."},{"key":"e_1_2_1_102_1","volume-title":"Junfeng Yang, and Vasileios P. Kemerlis.","author":"Williams-King David","year":"2020","unstructured":"David Williams-King , Hidenori Kobayashi , Kent Williams-King , Graham Patterson , Frank Spano , Yu Jian Wu , Junfeng Yang, and Vasileios P. Kemerlis. 2020 . Egalito : Layout-agnostic binary recompilation. In Proceedings of the ASPLOS. 133--147. David Williams-King, Hidenori Kobayashi, Kent Williams-King, Graham Patterson, Frank Spano, Yu Jian Wu, Junfeng Yang, and Vasileios P. Kemerlis. 2020. Egalito: Layout-agnostic binary recompilation. In Proceedings of the ASPLOS. 133--147."},{"key":"e_1_2_1_103_1","unstructured":"Windows Dev Center. 2018. PE Format. Retrieved from https:\/\/msdn.microsoft.com\/library\/windows\/desktop\/ms680547(v&equals;vs.85).aspx.  Windows Dev Center. 2018. PE Format. Retrieved from https:\/\/msdn.microsoft.com\/library\/windows\/desktop\/ms680547(v&equals;vs.85).aspx."},{"key":"e_1_2_1_104_1","volume-title":"Proceedings of the ESORICS. 602--620","author":"Wollgast Patrick","year":"2016","unstructured":"Patrick Wollgast , Robert Gawlik , Behrad Garmany , Benjamin Kollenda , and Thorsten Holz . 2016 . Automated multi-architectural discovery of CFI-resistant code gadgets . In Proceedings of the ESORICS. 602--620 . Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, and Thorsten Holz. 2016. Automated multi-architectural discovery of CFI-resistant code gadgets. In Proceedings of the ESORICS. 602--620."},{"key":"e_1_2_1_105_1","volume-title":"Proceedings of the ACM OOPSLA. 1017--1034","author":"Xu Guoqing","year":"2012","unstructured":"Guoqing Xu . 2012 . Finding reusable data structures . In Proceedings of the ACM OOPSLA. 1017--1034 . Guoqing Xu. 2012. Finding reusable data structures. In Proceedings of the ACM OOPSLA. 1017--1034."},{"key":"e_1_2_1_106_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.988498"},{"key":"e_1_2_1_107_1","volume-title":"Proceedings of the IEEE S8P. 559--573","author":"Zhang Chao","year":"2013","unstructured":"Chao Zhang , Tao Wei , Zhaofeng Chen , Lei Duan , Laszlo Szekeres , Stephen McCamant , Dawn Song , and Wei Zou . 2013 . Practical control flow integrity and randomization for binary executables . In Proceedings of the IEEE S8P. 559--573 . Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Laszlo Szekeres, Stephen McCamant, Dawn Song, and Wei Zou. 2013. Practical control flow integrity and randomization for binary executables. In Proceedings of the IEEE S8P. 559--573."},{"key":"e_1_2_1_108_1","volume-title":"Proceedings of the USENIX SEC. 337--352","author":"Zhang Mingwei","unstructured":"Mingwei Zhang and R. Sekar . 2013. Control flow integrity for COTS binaries . In Proceedings of the USENIX SEC. 337--352 . Mingwei Zhang and R. Sekar. 2013. Control flow integrity for COTS binaries. In Proceedings of the USENIX SEC. 337--352."}],"container-title":["Digital Threats: Research and Practice"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3414997","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3414997","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3414997","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:23:45Z","timestamp":1750202625000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3414997"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12,17]]},"references-count":108,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2020,12,31]]}},"alternative-id":["10.1145\/3414997"],"URL":"https:\/\/doi.org\/10.1145\/3414997","relation":{},"ISSN":["2692-1626","2576-5337"],"issn-type":[{"value":"2692-1626","type":"print"},{"value":"2576-5337","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,12,17]]},"assertion":[{"value":"2020-05-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-12-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-12-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}