Slimium: Debloating the Chromium Browser with Feature Subsetting

Today, a web browser plays a crucial role in offering a broad spectrum of web experiences. The most popular browser, Chromium, has become an extremely complex application to meet ever-increasing user demands, exposing unavoidably large attack vectors due to its large code base. Code debloating attracts attention as a means of reducing such a potential attack surface by eliminating unused code. However, it is very challenging to perform sophisticated code removal without breaking needed functionalities because Chromium operates on a large number of closely connected and complex components, such as a renderer and JavaScript engine. In this paper, we present Slimium, a debloating framework for a browser (i.e., Chromium) that harnesses a hybrid approach for fast and reliable binary instrumentation. The main idea behind Slimium is to determine a set of features as a debloating unit on top of a hybrid (i.e., static, dynamic, heuristic) analysis, and then leverage feature subsetting for code debloating. It aids in i) focusing on security-oriented features, ii) discarding unneeded code simply without complications, and iii) reasonably addressing a non-deterministic path problem raised from code complexity. To this end, we generate a feature-code map with a relation vector technique and prompt webpage profiling results. Our experimental results demonstrate the practicality and feasibility of Slimium for 40 popular websites, as on average it removes 94 CVEs (61.4%) by cutting down 23.85 MB of code (53.1%) from defined features (21.7% of the whole) in Chromium.
